DB: 2019-03-08

14991 changes to exploits/shellcodes

HTC Touch - vCard over IP Denial of Service

TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities

PeerBlock 1.1 - Blue Screen of Death

WS10 Data Server - SCADA Overflow (PoC)

Symantec Endpoint Protection 12.1.4013 - Service Disabling
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow

man-db 2.4.1 - 'open_cat_stream()' Local uid=man

CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation

CDRecord's ReadCD - Local Privilege Escalation
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)

CCProxy 6.2 - 'ping' Remote Buffer Overflow

Savant Web Server 3.1 - Remote Buffer Overflow (2)

Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
TeamCity < 9.0.2 - Disabled Registration Bypass
OpenSSH SCP Client - Write Arbitrary Files
Kados R10 GreenBee - Multiple SQL Injection
WordPress Core 5.0 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution

Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
This commit is contained in:
Offensive Security 2019-03-08 05:01:50 +00:00
parent d5509de389
commit 880bbe402e
14953 changed files with 16755 additions and 14978 deletions

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/61/info
source: https://www.securityfocus.com/bid/61/info
There exists a buffer overflow in the Apple AppleShare IP Mail Server 5.0.3. If yu connect to the SMTP port
and issue a HELO command with a large string (500 bytes or more) for a hostname the server, and possibly the whole machine, will crash.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/66/info
source: https://www.securityfocus.com/bid/66/info
A vulnerability exists in inetd which allows a remote user to crash inetd if the tcpmux service is not commented
out of /etc/inetd.conf. The tcpmux service is defined in RFC1078

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/6840/info
source: https://www.securityfocus.com/bid/6840/info
A buffer overflow vulnerability has been discovered in the libIM library available for the AIX 4.3, 5.1, 5.2 operating system. As a result it may be possible to overwrite sensitive memory in programs linked to the affected library. By identifying a linked application with the setuid bit applied, it may be possible to exploit this vulnerability to execute code with elevated privileges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/13909/info
source: https://www.securityfocus.com/bid/13909/info
invscout is prone to a local buffer overflow vulnerability. This issue presents itself because the application fails to carry out boundary checks on user-supplied data from the command line.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/17/info
source: https://www.securityfocus.com/bid/17/info
By default, /usr/bin/chroot is improperly installed in Ultrix versions 4.0 and 4.1. Anyone can execute /usr/bin/chroot this can lead to system users to gain unauthorized privileges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/22/info
source: https://www.securityfocus.com/bid/22/info
This applies to sites that have installed Sun Source tapes only.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/59/info
source: https://www.securityfocus.com/bid/59/info
/etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/268/info
source: https://www.securityfocus.com/bid/268/info
A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/268/info
// source: https://www.securityfocus.com/bid/268/info
A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges.
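Review bot: The added "// source:" line comments out only the first line of this header; the description line that follows it in the hunk context remains uncommented prose. The other files for the same advisory (bid/268) wrap the whole header in "/* ... */"; using that form here, or prefixing every header line with "//", would keep the header consistent across the entries. The same single-line "//" pattern appears in the later hunks for bid/268, bid/387, bid/417, bid/9905, bid/25075, bid/3237 and bid/57900.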

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/268/info
source: https://www.securityfocus.com/bid/268/info
A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges.
*/

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/268/info
// source: https://www.securityfocus.com/bid/268/info
A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges.

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/268/info
source: https://www.securityfocus.com/bid/268/info
A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges.
*/

@ -1,4 +1,4 @@
soure: http://www.securityfocus.com/bid/287/info
soure: https://www.securityfocus.com/bid/287/info
IBM's eNetwork Firewall for AIX contains a number of vulnerability in scripts which manipulate files insecurely. When fwlsuser script is run it creates a temporary file called /tmp/fwlsuser.PID ( where PID is the process ID of the command being run ). If this file is created previously and is a link to any other file the output generated by the fwlsuser script will overwrite this linked file.
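Review bot: The rewritten first line still reads "soure:" after the URL update, so a search for the "source:" key used by the other entries will not match this header. Since the line is being changed anyway, correct it to "source: https://www.securityfocus.com/bid/287/info".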

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/370/info
source: https://www.securityfocus.com/bid/370/info
Certain versions of AIX ship with an Information Daemon, infod. This program is designed to provide information about the OS and installed ancilliary programs. The daemon which runs as root, does not check credentials which are passed to it. This allows users to pass requests with arbitrary UID's. If a user passes infod a request as root, they can goto the default options menu and change the printer command line to an alternate binary such as /bin/sh that gives privileges to the account the session was spawned under.
*/

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/375/info
source: https://www.securityfocus.com/bid/375/info
The snap command is a diagnostic utlitiy for gathering system information on AIX platforms. It can only be executed by root, but it copies various system files into /tmp/ibmsupt/ under /tmp/ibmsupt/general/ you will find the passwd file with cyphertext. The danger here is if a system administrator executes snap -a as sometimes requested by IBM support while diagnosing a problem it defeats password shadowing. /tmp/ibmsupt is created with 755 permissions they may carry out a symlink attack and gain access to the password file.

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/385/info
source: https://www.securityfocus.com/bid/385/info
AIX version 4.2.1 introduced a new command titled 'portmir'. This new program had two notable vulnerabilites. First it contained a buffer overflow which allowed malicious users to obtain root privileges. Secondly it wrote it's log files to a world readable directly thereby exposing security relavent information.
*/

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/387/info
// source: https://www.securityfocus.com/bid/387/info
A buffer overflow condition exists in some versions of /usr/sbin/ping under AIX. Given that ping is SUID root, this overflow allows malicious users to gain root from it.

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/389/info
source: https://www.securityfocus.com/bid/389/info
A buffer overflow can occur in lchangelv under some versions of AIX. Note that an attacker must already have the GID or EGID of 'system' to execute lchangelv.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/417/info
// source: https://www.securityfocus.com/bid/417/info
A buffer overrun exists in the permissions program, as shipped by Silicon Graphics with the 5.x and 6.x Irix operating system. By supplying a long, well crafted buffer as the 4th argument to the program, arbitrary code can be executed as group sys.

@ -1,4 +1,4 @@
#source: http://www.securityfocus.com/bid/454/info
#source: https://www.securityfocus.com/bid/454/info
#
#Under older versions of AIX By changing the IFS enviroment variable to / setuid root programs that use system() or popen() can be fooled into running user provided programs.
#

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/455/info
source: https://www.securityfocus.com/bid/455/info
There exists a vulnerability in the lquerypv command under AIX. By using the '-h' flaq, a user may read any file on the file system in hex format.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/468/info
source: https://www.securityfocus.com/bid/468/info
The sgihelp program, from SGI and included with IRIX 5.1 and 5.2, contains a vulnerability. sgihelp contains an option that allows a user to print to a command. Certain SGI utilities, including PrintStatus, printers, scanners, and a number of others, will call this program without changing their uid to the users, from roots. As such, arbitrary commands can be executed as root using the 'print to command' option of sgihelp.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/520/info
source: https://www.securityfocus.com/bid/520/info
adb is the debugger that ships with IBM's AIX operating system. It is possible for a local user to cause a local denial of service through exploiting the version of adb shipped with AIX 4.2 through 4.3.1. The consequence of adb being exploited is the machine being halted by a malicious local user.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/1660/info
source: https://www.securityfocus.com/bid/1660/info
A vulnerability exists in versions 4.x. x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could potentially interfere with programs that track statistical information.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/1800/info
source: https://www.securityfocus.com/bid/1800/info
A vulnerability exists in AIX 3.* versions of bugfiler, a utility which automates the process of reporting an filing system bugs. Bugfiler, installed setuid root, creates files in a directory specified by the user invoking the program (example: $/lib/bugfiler -b <user> directory>). It may be possible for an attacker to create files in arbitrary directories that are owned by attacker-specified users. This may result in an elevation of privileges for the attacker. Further technical details about this vulnerability are not known.

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/2032/info
source: https://www.securityfocus.com/bid/2032/info
AIX is a version of the UNIX Operating System distributed by IBM. A problem exists that could allow a user elevated priviledges.

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/2033/info
source: https://www.securityfocus.com/bid/2033/info
AIX is a version of the UNIX Operating System distributed by IBM. A vulnerability exists in the operating system which could allow a user an elevation in priviledge.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/2034/info
source: https://www.securityfocus.com/bid/2034/info
AIX is a variant of the UNIX Operating System, distributed by IBM. A problem exists that may allow elevation of user priviledges.

@ -1,5 +1,5 @@
/*
source: http://www.securityfocus.com/bid/2037/info
source: https://www.securityfocus.com/bid/2037/info
AIX is a variant of the UNIX Operating System, distributed by IBM. A problem exists which can allow a local user elevated priviledges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/2916/info
source: https://www.securityfocus.com/bid/2916/info
AIX ships with a diagnostic reporting utility called 'diagrpt'. This utility is installed setuid root by default.

@ -1,4 +1,4 @@
// source: http://www.securityfocus.com/bid/3238/info
// source: https://www.securityfocus.com/bid/3238/info
//
// The 'piomkapqd' utility is a component of the AIX printing subsystem. By default, it is installed setgid and owned by the 'printk' group.
//

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5885/info
source: https://www.securityfocus.com/bid/5885/info
The IBM AIX errpt command is prone to a locally exploitable buffer overflow condition. It is possible to exploit this condition to execute arbitrary attacker-supplied instructions with root privileges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7871/info
source: https://www.securityfocus.com/bid/7871/info
Insufficient bounds checking in the lsmcode utility will allow locally based attackers to cause memory to be corrupted with attacker-supplied data. As a result, it is possible to exploit this condition to execute arbitrary attacker-supplied instructions with elevated privileges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/9903/info
source: https://www.securityfocus.com/bid/9903/info
GNU make for IBM AIX has been reported to be prone to a buffer overflow vulnerability, the issue is reported to exist due to a lack of sufficient boundary checks performed when reading the path to the CC compiler.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/9905/info
source: https://www.securityfocus.com/bid/9905/info
getlvcb has been reported to be prone to a buffer overflow vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/9905/info
// source: https://www.securityfocus.com/bid/9905/info
getlvcb has been reported to be prone to a buffer overflow vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/9982/info
source: https://www.securityfocus.com/bid/9982/info
Reportedly AIX invscoutd insecurely handles temporary files; this may allow a local attacker to destroy data on vulnerable system. This issue is due to a design error that allows a user to specify a log file that the process writes to while holding escalated privileges.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/12041/info
source: https://www.securityfocus.com/bid/12041/info
diag is reported prone to a local privilege escalation vulnerability. This issue is due to a failure of certain diag applications to properly implement security controls when executing an application specified by the 'DIAGNOSTICS' environment variable.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/16102/info
source: https://www.securityfocus.com/bid/16102/info
IBM AIX is prone to a local vulnerability in getShell and getCommand. This issue may let local attackers enumerate the existence of files on the computer that they wouldn't ordinarily be able to see.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/16103/info
source: https://www.securityfocus.com/bid/16103/info
IBM AIX is prone to a local vulnerability in getShell and getCommand. This vulnerability may let the attacker gain unauthorized read access to shell scripts on the computer.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/25075/info
// source: https://www.securityfocus.com/bid/25075/info
IBM AIX is prone to a local, stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input to a program that is installed setuid-superuser.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/62/info
source: https://www.securityfocus.com/bid/62/info
There exists a buffer overflow in the Stalker Internet Mail Server version 1.6. If you connect to the SMTP port and issue a HELO command with a large string (several hundred bytes) for a hostname the server, and possibly MacOS, will crash.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/64/info
source: https://www.securityfocus.com/bid/64/info
There exists a security vulnerability with the CGI program pfdispaly.cgi distributed with IRIX. This problem its not fixed by patch 3018.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/297/info
source: https://www.securityfocus.com/bid/297/info
NTMail v3.X is susceptible to being used as a mail relay for SPAM or other unsolicited email. Connecting to the mail server (tcp25) and issuing a 'mail from' command with <> as the data will allow an unathorized user to relay email via this server.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/458/info
source: https://www.securityfocus.com/bid/458/info
A problem with the way login parses arguments as passed by rlogind that may allow access to the root account.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/679/info
source: https://www.securityfocus.com/bid/679/info
A remote buffer overflow vulnerability in AIX's ftpd allows remote users to obtain root access.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/3237/info
// source: https://www.securityfocus.com/bid/3237/info
The Source Code Browser's Program Database Name Server Daemon (pdnsd) component of the C Set ++ compiler for AIX contains a remotely exploitable buffer overflow. This vulnerability allows local or remote attackers to compromise root privileges on vulnerable systems.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/28005/info
source: https://www.securityfocus.com/bid/28005/info
Android Web Browser is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/28006/info
source: https://www.securityfocus.com/bid/28006/info
Android Web Browser is prone to an integer-overflow vulnerability because it fails to adequately handle user-supplied data.

@ -1,5 +1,5 @@
# Source: https://raw.githubusercontent.com/danieljiang0415/android_kernel_crash_poc/master/panic.c
#
// Source: https://raw.githubusercontent.com/danieljiang0415/android_kernel_crash_poc/master/panic.c
#include <stdio.h>
#include <sys/socket.h>
#include <arpa/inet.h>
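Review bot: The bare "#" line shown second in this hunk sits next to the new "// Source:" comment, leaving two comment styles in the header of a file that the "#include" lines show to be C. If that line is kept, a lone "#" is a null preprocessor directive and still compiles, but it is a leftover of the old "# Source:" header; drop it or change it to "//".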

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/65123/info
source: https://www.securityfocus.com/bid/65123/info
GoToMeeting for Android is prone to multiple local information-disclosure vulnerabilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/55523/info
source: https://www.securityfocus.com/bid/55523/info
Google Chrome for Android is prone to multiple vulnerabilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/55523/info
source: https://www.securityfocus.com/bid/55523/info
Google Chrome for Android is prone to multiple vulnerabilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/55523/info
source: https://www.securityfocus.com/bid/55523/info
Google Chrome for Android is prone to multiple vulnerabilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/55523/info
source: https://www.securityfocus.com/bid/55523/info
Google Chrome for Android is prone to multiple vulnerabilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/57173/info
source: https://www.securityfocus.com/bid/57173/info
Facebook for Android is prone to an information-disclosure vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/57900/info
// source: https://www.securityfocus.com/bid/57900/info
The PowerVR SGX driver in Android is prone to an information-disclosure vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/60566/info
source: https://www.securityfocus.com/bid/60566/info
TaxiMonger for Android is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

@ -1,4 +1,4 @@
#source: http://www.securityfocus.com/bid/60952/info
#source: https://www.securityfocus.com/bid/60952/info
#
#Google Android is prone to a remote security-bypass vulnerability.
#

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/63547/info
source: https://www.securityfocus.com/bid/63547/info
Google Android is prone to a security-bypass vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/14217/info
source: https://www.securityfocus.com/bid/14217/info
ASP.NET is susceptible to a remote denial of service vulnerability. This issue is due to the possibility of causing an infinite loop on the server when handling RPC/encoded requests.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/16771/info
source: https://www.securityfocus.com/bid/16771/info
Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/45588/info
source: https://www.securityfocus.com/bid/45588/info
Sigma Portal is prone to a denial-of-service vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/17964/info
source: https://www.securityfocus.com/bid/17964/info
WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/17964/info
source: https://www.securityfocus.com/bid/17964/info
WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/45211/info
source: https://www.securityfocus.com/bid/45211/info
Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/45212/info
source: https://www.securityfocus.com/bid/45212/info
Multi Agent System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/2956/info
source: https://www.securityfocus.com/bid/2956/info
Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed webserver.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/4192/info
source: https://www.securityfocus.com/bid/4192/info
Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/4558/info
source: https://www.securityfocus.com/bid/4558/info
Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/4661/info
source: https://www.securityfocus.com/bid/4661/info
Spooky Login is a commerical web access control and account management software package. It is distributed and maintained by Outfront, and is designed for Microsoft IIS Webservers.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/4759/info
source: https://www.securityfocus.com/bid/4759/info
Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/4761/info
source: https://www.securityfocus.com/bid/4761/info
Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/4778/info
source: https://www.securityfocus.com/bid/4778/info
Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5438/info
source: https://www.securityfocus.com/bid/5438/info
Midicart ASP is a commercially available e-commerce solution distributed by Coxco Support. It is available for the Microsoft Windows operating system.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5600/info
source: https://www.securityfocus.com/bid/5600/info
FactoSystem Weblog is a freely available, open source software package for weblogging and managing content. It is available for Microsoft Windows operating systems.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5915/info
source: https://www.securityfocus.com/bid/5915/info
SSGbook includes codes for allowing users to specify HTML formatting and layout inside of guestbook entries. For example, a user can include an image by including it inside of [image] or [img] tags. However, arbitrary HTML and script code are not sufficiently sanitized within these tags.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5922/info
source: https://www.securityfocus.com/bid/5922/info
Microsoft Content Management Server 2001 is reported to be prone to cross-site scripting attacks.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5928/info
source: https://www.securityfocus.com/bid/5928/info
SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/5929/info
source: https://www.securityfocus.com/bid/5929/info
SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7108/info
source: https://www.securityfocus.com/bid/7108/info
A cross-site scripting vulnerability has been discovered in ClearTrust. Specifically, the login page for the management application is not properly sanitized of some user-supplied values.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7211/info
source: https://www.securityfocus.com/bid/7211/info
It has been reported that MyGuestBK does not sufficiently filter user-supplied URI parameters on the MyGuestBK Information Server 'Add Entry' page.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7213/info
source: https://www.securityfocus.com/bid/7213/info
MyGuestBk has been reported vulnerable to unauthorized Admin Panel Access.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7328/info
source: https://www.securityfocus.com/bid/7328/info
Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7341/info
source: https://www.securityfocus.com/bid/7341/info
Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7380/info
source: https://www.securityfocus.com/bid/7380/info
Web Wiz Forum has been reported prone to sensitive information disclosure vulnerability.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7390/info
source: https://www.securityfocus.com/bid/7390/info
MPCSoftWeb does not sufficiently secure the database file. It is possible for remote attackers to request the database file and gain access to sensitive information such as administrative credentials for the guestbook.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7416/info
source: https://www.securityfocus.com/bid/7416/info
bttlxe Forum is a web-based discussion forum implemented in ASP.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7470/info
source: https://www.securityfocus.com/bid/7470/info
A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7470/info
source: https://www.securityfocus.com/bid/7470/info
A vulnerability has been reported for BizTalk Server which may make it possible for remote users to modify database query logic. The vulnerability exists in some of the pages used by the DTA interface.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7549/info
source: https://www.securityfocus.com/bid/7549/info
Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7675/info
source: https://www.securityfocus.com/bid/7675/info
The IISProtect web administration interface does not properly sanitize user input. This could allow for SQL injection attacks on a Microsoft IIS server running IISProtect.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7739/info
source: https://www.securityfocus.com/bid/7739/info
A vulnerability has been discovered in the 'philboard_admin.asp' script used by Philboard. The problem occurs during authentication and may allow an attacker to gain unauthorized administrative access.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7765/info
source: https://www.securityfocus.com/bid/7765/info
A vulnerability has been reported for iisCart2000 that may result in an attacker uploading arbitrary files to a vulnerable server. The vulnerability exists in the upload.asp script. This will allow an attacker to upload arbitrary files to the vulnerable server. Successful exploitation may result in the execution of attacker-supplied code.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7766/info
source: https://www.securityfocus.com/bid/7766/info
This vulnerability is reportedly caused by a lack of sufficient sanitization of user-supplied data contained in URI parameters supplied to WebStores2000.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7804/info
source: https://www.securityfocus.com/bid/7804/info
Several software products maintained by Xpressions Interactive are prone to SQL injection attacks.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7813/info
source: https://www.securityfocus.com/bid/7813/info
Mailtraq is vulnerable to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of HTTP requests to the vulnerable Mailtraq server.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7815/info
source: https://www.securityfocus.com/bid/7815/info
A vulnerability has been reported for Mailtraq that may result in the disclosure of path information.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7833/info
source: https://www.securityfocus.com/bid/7833/info
Synkron.web is prone to HTML injection attacks. The vulnerability exists in the search script and is a result of insufficient sanitization of malicious HTML code from user-supplied input. HTML and script code may be echoed back when an existing user is views a cached search page.

@ -1,4 +1,4 @@
source: http://www.securityfocus.com/bid/7837/info
source: https://www.securityfocus.com/bid/7837/info
A number of vulnerabilities have been discovered in the MaxWebPortal.

Some files were not shown because too many files have changed in this diff