Updated 07_22_2014
This commit is contained in:
Offensive Security
parent
b640b49bf8
commit
b98d02460d
7 changed files with 74 additions and 0 deletions
|
|
@ -30697,6 +30697,7 @@ id,file,description,date,author,platform,type,port
|
|||
34086,platforms/linux/webapps/34086.txt,"Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities",2014-07-16,"SEC Consult",linux,webapps,443
|
||||
34087,platforms/php/webapps/34087.txt,"Joomla Youtube Gallery Component - SQL Injection Vulnerability",2014-07-16,"Pham Van Khanh",php,webapps,80
|
||||
34088,platforms/android/remote/34088.html,"Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability",2014-07-16,c0otlass,android,remote,0
|
||||
34089,platforms/php/webapps/34089.txt,"Bilboplanet 2.0 - Multiple XSS Vulnerabilities",2014-07-16,"Vivek N",php,webapps,80
|
||||
34090,platforms/multiple/dos/34090.py,"Node Browserify 4.2.0 - Remote Code Execution Vulnerability",2014-07-16,"Cal Leeming",multiple,dos,0
|
||||
34091,platforms/php/webapps/34091.txt,"Pay Per Minute Video Chat Script 2.x SQL Injection and Multiple Cross Site Scripting Vulnerabilities",2010-01-04,R3d-D3V!L,php,webapps,0
|
||||
34092,platforms/jsp/webapps/34092.txt,"JForum 2.1.8 'bookmarks' Module Multiple HTML Injection Vulnerabilities",2010-06-06,"Adam Baldwin",jsp,webapps,0
|
||||
|
|
@ -30720,3 +30721,8 @@ id,file,description,date,author,platform,type,port
|
|||
34116,platforms/php/webapps/34116.txt,"Bits Video Script 2.05 Gold Beta showcasesearch.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0
|
||||
34117,platforms/php/webapps/34117.txt,"Bits Video Script 2.05 Gold Beta showcase2search.php rowptem[template] Parameter Remote File Inclusion",2010-01-18,indoushka,php,webapps,0
|
||||
34118,platforms/php/webapps/34118.txt,"Hitmaaan Gallery 1.3 Multiple Cross Site Scripting Vulnerabilities",2010-01-18,indoushka,php,webapps,0
|
||||
34119,platforms/php/webapps/34119.txt,"Bits Video Script 2.04/2.05 addvideo.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0
|
||||
34120,platforms/php/webapps/34120.txt,"Bits Video Script 2.04/2.05 register.php File Upload Arbitrary PHP Code Execution",2010-01-18,indoushka,php,webapps,0
|
||||
34121,platforms/php/webapps/34121.txt,"Bits Video Script 2.04/2.05 'search.php' Cross Site Scripting Vulnerability",2010-01-18,indoushka,php,webapps,0
|
||||
34126,platforms/windows/remote/34126.txt,"Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross Site Scripting Weakness",2010-06-10,"Tavis Ormandy",windows,remote,0
|
||||
34127,platforms/php/webapps/34127.txt,"Arab Portal 2.2 'members.php' SQL Injection Vulnerability",2010-06-10,SwEET-DeViL,php,webapps,0
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
18
platforms/php/webapps/34089.txt
Executable file
18
platforms/php/webapps/34089.txt
Executable file
|
|
@ -0,0 +1,18 @@
|
|||
# Exploit Title: Multiple XSS vulnerabilities in Bilboplanet application
|
||||
# Date: 10/15/13
|
||||
# Exploit Author:Vivek N
|
||||
# (http://nvivek.weebly.com/)
|
||||
# Vendor Homepage: http://www.bilboplanet.com/
|
||||
# Software Link: www.bilboplanet.com/index.php/downloads/?lang=en
|
||||
# Version: 2.0
|
||||
# Tested on: Windows
|
||||
# CVE :
|
||||
|
||||
1. Stored XSS Vulnerability when creating and updating tribes in
|
||||
http://localhost/bilboplanet/user/?page=tribes
|
||||
POST Parameter: tribe_name
|
||||
2. Stored XSS vulnerability when adding tag
|
||||
http://localhost/bilboplanet/user/?page=tribes
|
||||
POST Parameter: tags
|
||||
3. Stored XSS in parameters : user_id and fullname
|
||||
http://127.0.0.1/bilboplanet/signup.php
|
||||
9
platforms/php/webapps/34119.txt
Executable file
9
platforms/php/webapps/34119.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/40712/info
|
||||
|
||||
Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
|
||||
|
||||
Bits Video Script 2.04 and 2.05 Gold Beta are vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/Video/addvideo.php
|
||||
9
platforms/php/webapps/34120.txt
Executable file
9
platforms/php/webapps/34120.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/40712/info
|
||||
|
||||
Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
|
||||
|
||||
Bits Video Script 2.04 and 2.05 Gold Beta are vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/Video/register.php
|
||||
9
platforms/php/webapps/34121.txt
Executable file
9
platforms/php/webapps/34121.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/40716/info
|
||||
|
||||
Bits Video Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
|
||||
|
||||
Bits Video Script 2.04 and 2.05 Gold Beta are vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/Video/search.php?order=>'><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>
|
||||
9
platforms/php/webapps/34127.txt
Executable file
9
platforms/php/webapps/34127.txt
Executable file
|
|
@ -0,0 +1,9 @@
|
|||
source: http://www.securityfocus.com/bid/40735/info
|
||||
|
||||
Arab Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
|
||||
|
||||
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
|
||||
|
||||
Arab Portal 2.2 is vulnerable; other versions may also be affected.
|
||||
|
||||
http://www.example.com/apt/members.php?action=msearch&by=[SQL]
|
||||
14
platforms/windows/remote/34126.txt
Executable file
14
platforms/windows/remote/34126.txt
Executable file
|
|
@ -0,0 +1,14 @@
|
|||
source: http://www.securityfocus.com/bid/40721/info
|
||||
|
||||
Help and Support Center is prone to a cross-site scripting weakness because it fails to properly sanitize user-supplied input.
|
||||
|
||||
An attacker may leverage this issue to execute arbitrary script code in the privileged zone of the browser of an unsuspecting user.
|
||||
|
||||
NOTE: This issue is a weakness because the affected file is only accessible by trusted sources unless other vulnerabilities, such as BID 40725 (Microsoft Windows Help And Support Center Trusted Document Whitelist Bypass Vulnerability) are used to bypass the restrictions. This weakness may then be used to execute script code in the privileged zone of the browser by unauthorized sites.
|
||||
|
||||
|
||||
The following example URI is available:
|
||||
|
||||
hcp://system/sysinfo/sysinfomain.htm?svr=<h1>test</h1>
|
||||
|
||||
|
||||
Loading…
Add table
Reference in a new issue