DB: 2015-06-12

1 new exploits
2015-06-12 05:03:29 +00:00 · 2015-06-12 05:03:29 +00:00 · dc651e3c85
commit dc651e3c85
parent 5deff36e99
3 changed files with 64 additions and 17 deletions
--- a/files.csv
+++ b/files.csv
@ -3293,7 +3293,7 @@ id,file,description,date,author,platform,type,port
 3632,platforms/php/webapps/3632.pl,"XOOPS Module myAlbum-P <= 2.0 (cid) Remote SQL Injection Exploit",2007-04-01,ajann,php,webapps,0
 3633,platforms/php/webapps/3633.htm,"XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection Exploit",2007-04-01,ajann,php,webapps,0
 3634,platforms/windows/remote/3634.txt,"Microsoft Windows XP/Vista - Animated Cursor (.ANI) Remote Overflow Exploit",2007-04-01,jamikazu,windows,remote,0
-3635,platforms/windows/remote/3635.txt,"Microsoft Windows XP - Animated Cursor (.ANI) Remote Overflow Exploit #2",2007-04-01,"Trirat Puttaraksa",windows,remote,0
+3635,platforms/windows/remote/3635.txt,"Microsoft Windows XP - Animated Cursor (.ANI) Remote Overflow Exploit (2)",2007-04-01,"Trirat Puttaraksa",windows,remote,0
 3636,platforms/windows/remote/3636.txt,"Microsoft Windows - Animated Cursor (.ANI) Remote Exploit (eeye patch bypass)",2007-04-01,jamikazu,windows,remote,0
 3638,platforms/php/webapps/3638.txt,"maplab ms4w 2.2.1 - Remote File Inclusion Vulnerability",2007-04-02,ka0x,php,webapps,0
 3639,platforms/php/webapps/3639.txt,"PHP-Fusion Module topliste 1.0 (cid) Remote SQL Injection Vulnerability",2007-04-02,"Mehmet Ince",php,webapps,0
@ -3399,7 +3399,7 @@ id,file,description,date,author,platform,type,port
 3743,platforms/php/webapps/3743.txt,"Gallery 1.2.5 (GALLERY_BASEDIR) Multiple RFI Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0
 3744,platforms/php/webapps/3744.txt,"audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0
 3745,platforms/php/webapps/3745.txt,"Web Slider 0.6 (path) Remote File Inclusion Vulnerabilities",2007-04-15,GoLd_M,php,webapps,0
-3746,platforms/windows/remote/3746.txt,"Microsoft Windows DNS RPC - Remote Buffer Overflow Exploit #2",2007-04-18,"Andres Tarasco",windows,remote,445
+3746,platforms/windows/remote/3746.txt,"Microsoft Windows DNS RPC - Remote Buffer Overflow Exploit (2)",2007-04-18,"Andres Tarasco",windows,remote,445
 3747,platforms/php/webapps/3747.txt,"openMairie 1.10 (scr/soustab.php) Local File Inclusion Vulnerability",2007-04-16,GoLd_M,php,webapps,0
 3748,platforms/php/webapps/3748.txt,"SunShop Shopping Cart <= 3.5 (abs_path) RFI Vulnerabilities",2007-04-16,irvian,php,webapps,0
 3749,platforms/php/webapps/3749.txt,"StoreFront for Gallery (GALLERY_BASEDIR) RFI Vulnerabilities",2007-04-16,"Alkomandoz Hacker",php,webapps,0
@ -8901,7 +8901,7 @@ id,file,description,date,author,platform,type,port
 9433,platforms/php/webapps/9433.txt,"Gazelle CMS 1.0 - Remote Arbitrary Shell Upload Vulnerability",2009-08-13,RoMaNcYxHaCkEr,php,webapps,0
 9434,platforms/php/webapps/9434.txt,"tgs CMS 0.x (xss/sql/fd) Multiple Vulnerabilities",2009-08-13,[]ViZiOn,php,webapps,0
 9435,platforms/linux/local/9435.txt,"Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit",2009-08-14,spender,linux,local,0
-9436,platforms/linux/local/9436.txt,"Linux Kernel 2.x - sock_sendpage() Local Root Exploit (#2)",2009-08-14,"Przemyslaw Frasunek",linux,local,0
+9436,platforms/linux/local/9436.txt,"Linux Kernel 2.x - sock_sendpage() Local Root Exploit (2)",2009-08-14,"Przemyslaw Frasunek",linux,local,0
 9437,platforms/php/webapps/9437.txt,"Ignition 1.2 (comment) Remote Code Injection Vulnerability",2009-08-14,IRCRASH,php,webapps,0
 9438,platforms/php/webapps/9438.txt,"PHP Competition System <= 0.84 (competition) SQL Injection Vuln",2009-08-14,Mr.SQL,php,webapps,0
 9440,platforms/php/webapps/9440.txt,"DS CMS 1.0 (nFileId) Remote SQL Injection Vulnerability",2009-08-14,Mr.tro0oqy,php,webapps,0
@ -9100,7 +9100,7 @@ id,file,description,date,author,platform,type,port
 9638,platforms/windows/remote/9638.txt,"Kolibri+ Webserver 2 - Remote Source Code Disclosure Vulnerability",2009-09-11,SkuLL-HackeR,windows,remote,0
 9639,platforms/php/webapps/9639.txt,"Image voting 1.0 (index.php show) SQL Injection Vulnerability",2009-09-11,SkuLL-HackeR,php,webapps,0
 9640,platforms/php/webapps/9640.txt,"gyro 5.0 (sql/XSS) Multiple Vulnerabilities",2009-09-11,OoN_Boy,php,webapps,0
-9641,platforms/linux/local/9641.txt,"Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (#3)",2009-09-11,"Ramon Valle",linux,local,0
+9641,platforms/linux/local/9641.txt,"Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (3)",2009-09-11,"Ramon Valle",linux,local,0
 9642,platforms/multiple/dos/9642.py,"FreeRadius < 1.1.8 - Zero-length Tunnel-Password DoS Exploit",2009-09-11,"Matthew Gillespie",multiple,dos,1812
 9643,platforms/windows/remote/9643.txt,"kolibri+ webserver 2 - Directory Traversal Vulnerability",2009-09-11,"Usman Saeed",windows,remote,0
 9644,platforms/windows/remote/9644.py,"Kolibri+ Webserver 2 - (GET Request) Remote SEH Overwrite Exploit",2009-09-11,blake,windows,remote,80
@ -9788,7 +9788,7 @@ id,file,description,date,author,platform,type,port
 10535,platforms/php/webapps/10535.txt,"WordPress and Pyrmont 2.x - SQL Injection Vulnerability",2009-12-18,Gamoscu,php,webapps,0
 10537,platforms/php/webapps/10537.txt,"gpEasy <= 1.5RC3 - Remote FIle Include Exploit",2009-12-18,"cr4wl3r ",php,webapps,0
 10540,platforms/asp/webapps/10540.txt,"E-Smartcart Remote SQL Injection Vulnerability",2009-12-18,R3d-D3V!L,asp,webapps,0
-10542,platforms/windows/remote/10542.py,"TFTP Server for Windows 1.4 - Buffer Overflow Remote Exploit (#2)",2009-12-18,Molotov,windows,remote,69
+10542,platforms/windows/remote/10542.py,"TFTP Server for Windows 1.4 - Buffer Overflow Remote Exploit (2)",2009-12-18,Molotov,windows,remote,69
 10543,platforms/php/webapps/10543.txt,"Schweizer NISADA Communication CMS SQL Injection Vulnerability",2009-12-18,"Dr.0rYX AND Cr3W-DZ",php,webapps,0
 10544,platforms/multiple/local/10544.html,"Mozilla Firefox Location Bar Spoofing Vulnerability",2009-12-18,"Jordi Chancel",multiple,local,0
 10545,platforms/php/webapps/10545.txt,"Joomla Component com_jbook Blind SQL-injection",2009-12-18,FL0RiX,php,webapps,0
@ -10485,7 +10485,7 @@ id,file,description,date,author,platform,type,port
 11447,platforms/php/webapps/11447.txt,"Joomla (Jw_allVideos) Remote File Download Vulnerability",2010-02-14,"Pouya Daneshmand",php,webapps,0
 11449,platforms/php/webapps/11449.txt,"Joomla com_videos Remote SQL Injection Vulnerability",2010-02-14,snakespc,php,webapps,0
 11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3",2010-02-14,ROOT_EGY,php,webapps,0
-11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - (.mp3) Local Denial of Service (DoS) #",2010-02-14,Mr.tro0oqy,windows,dos,0
+11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - (.mp3) Local Denial of Service (DoS) (2)",2010-02-14,Mr.tro0oqy,windows,dos,0
 11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL",2010-02-14,kaMtiEz,php,webapps,0
 11453,platforms/windows/remote/11453.py,"Wireshark 1.2.5 LWRES getaddrbyname BoF - calc.exe",2010-02-15,"Nullthreat and Pure|Hate",windows,remote,0
 11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0
@ -15952,7 +15952,7 @@ id,file,description,date,author,platform,type,port
 18404,platforms/php/webapps/18404.pl,"iSupport 1.x - CSRF HTML Code Injection to Add Admin",2012-01-21,Or4nG.M4N,php,webapps,0
 18399,platforms/windows/dos/18399.py,"VLC 1.2.0 (libtaglib_pluggin.dll) DoS",2012-01-20,"Mitchell Adair",windows,dos,0
 18405,platforms/asp/webapps/18405.txt,"ARYADAD Multiple Vulnerabilities",2012-01-21,"Red Security TEAM",asp,webapps,0
-18411,platforms/linux/local/18411.c,"Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (#1)",2012-01-23,zx2c4,linux,local,0
+18411,platforms/linux/local/18411.c,"Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (1)",2012-01-23,zx2c4,linux,local,0
 18407,platforms/php/webapps/18407.txt,"AllWebMenus < 1.1.9 WordPress Menu Plugin - Arbitrary File Upload",2012-01-22,6Scan,php,webapps,0
 18410,platforms/php/webapps/18410.txt,"miniCMS 1.0 & 2.0 - PHP Code Inject",2012-01-22,Or4nG.M4N,php,webapps,0
 18698,platforms/windows/dos/18698.py,"Xion Audio Player 1.0.127 - (.aiff) Denial of Service Vulnerability",2012-04-04,condis,windows,dos,0
@ -27102,7 +27102,7 @@ id,file,description,date,author,platform,type,port
 30004,platforms/php/webapps/30004.txt,"Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0
 30005,platforms/php/webapps/30005.txt,"Campsite 2.6.1 - LocalizerConfig.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0
 30006,platforms/php/webapps/30006.txt,"Campsite 2.6.1 - LocalizerLanguage.php g_documentRoot Parameter Remote File Inclusion",2007-05-08,anonymous,php,webapps,0
-30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad# 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0
+30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0
 30008,platforms/java/remote/30008.rb,"Cisco Prime Data Center Network Manager - Arbitrary File Upload",2013-12-03,metasploit,java,remote,0
 30009,platforms/windows/remote/30009.rb,"ABB MicroSCADA wserver.exe - Remote Code Execution",2013-12-03,metasploit,windows,remote,12221
 30010,platforms/php/remote/30010.rb,"Kimai 0.9.2 - 'db_restore.php' SQL Injection",2013-12-03,metasploit,php,remote,80
@ -31520,7 +31520,7 @@ id,file,description,date,author,platform,type,port
 34982,platforms/win32/local/34982.rb,"Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation",2014-10-15,metasploit,win32,local,0
 34994,platforms/cgi/webapps/34994.txt,"OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities",2010-11-13,"dave b",cgi,webapps,0
 34995,platforms/php/webapps/34995.txt,"Simea CMS 'index.php' SQL Injection Vulnerability",2010-11-16,Cru3l.b0y,php,webapps,0
-34984,platforms/php/webapps/34984.py,"Drupal Core <= 7.32 - SQL Injection (#1)",2014-10-16,fyukyuk,php,webapps,0
+34984,platforms/php/webapps/34984.py,"Drupal Core <= 7.32 - SQL Injection (1)",2014-10-16,fyukyuk,php,webapps,0
 34985,platforms/php/remote/34985.txt,"pfSense 2 Beta 4 - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities",2010-11-05,"dave b",php,remote,0
 34986,platforms/hardware/remote/34986.txt,"D-Link DIR-300 - Multiple Security Bypass Vulnerabilities",2010-11-09,"Karol Celia",hardware,remote,0
 34987,platforms/linux/local/34987.c,"Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure Vulnerability",2010-11-09,"Dan Rosenberg",linux,local,0
@ -31528,7 +31528,7 @@ id,file,description,date,author,platform,type,port
 34989,platforms/php/webapps/34989.txt,"WeBid 0.85P1 - Multiple Input Validation Vulnerabilities",2010-11-10,"John Leitch",php,webapps,0
 34990,platforms/php/webapps/34990.txt,"Ricoh Web Image Monitor 2.03 - Cross-Site Scripting Vulnerability",2010-11-09,thelightcosine,php,webapps,0
 34996,platforms/php/webapps/34996.txt,"Raised Eyebrow CMS 'venue.php' SQL Injection Vulnerability",2010-11-16,Cru3l.b0y,php,webapps,0
-34992,platforms/php/webapps/34992.txt,"Drupal Core <= 7.32 - SQL Injection (#2)",2014-10-17,"Claudio Viviani",php,webapps,0
+34992,platforms/php/webapps/34992.txt,"Drupal Core <= 7.32 - SQL Injection (2)",2014-10-17,"Claudio Viviani",php,webapps,0
 34993,platforms/php/webapps/34993.php,"Drupal Core <= 7.32 - SQL Injection (PHP)",2014-10-17,"Dustin Dörr",php,webapps,0
 34997,platforms/windows/remote/34997.txt,"DServe Multiple Cross-Site Scripting Vulnerabilities",2010-11-16,Axiell,windows,remote,0
 34998,platforms/linux/remote/34998.txt,"Eclipse <= 3.6.1 Help Server help/index.jsp URI XSS",2010-11-16,"Aung Khant",linux,remote,0
@ -31686,7 +31686,7 @@ id,file,description,date,author,platform,type,port
 35158,platforms/windows/dos/35158.py,"Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial Of Service Vulnerability",2010-12-27,JohnLeitch,windows,dos,0
 35159,platforms/php/webapps/35159.txt,"Modx CMS 2.2.14 - CSRF Bypass & Reflected XSS & Stored XSS Vulnerability",2014-11-05,"Narendra Bhati",php,webapps,0
 35160,platforms/php/webapps/35160.txt,"Mouse Media Script 1.6 - - Stored XSS Vulnerability",2014-11-05,"Halil Dalabasmaz",php,webapps,0
-35161,platforms/linux/local/35161.txt,"Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (#2)",2012-01-12,zx2c4,linux,local,0
+35161,platforms/linux/local/35161.txt,"Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2)",2012-01-12,zx2c4,linux,local,0
 35162,platforms/linux/dos/35162.cob,"GIMP <= 2.6.7 - Multiple File Plugins Remote Stack Buffer Overflow Vulnerabilities",2010-12-31,"non customers",linux,dos,0
 35163,platforms/windows/dos/35163.c,"ImgBurn 2.4 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability",2011-01-01,d3c0der,windows,dos,0
 35164,platforms/php/dos/35164.php,"PHP <= 5.3.2 - 'zend_strtod()' Function Floating-Point Value Denial of Service Vulnerability",2011-01-03,"Rick Regan",php,dos,0
@ -31745,7 +31745,7 @@ id,file,description,date,author,platform,type,port
 35226,platforms/windows/remote/35226.py,"Avira AntiVir Personal Multiple Code Execution Vulnerabilities (2)",2011-01-14,D.Elser,windows,remote,0
 35227,platforms/php/webapps/35227.txt,"Alguest 1.1c-patched 'elimina' Parameter SQL Injection Vulnerability",2011-01-14,"Aliaksandr Hartsuyeu",php,webapps,0
 35228,platforms/php/webapps/35228.txt,"CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities",2011-01-15,NLSecurity,php,webapps,0
-35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer <= 11 - OLE Automation Array Remote Code Execution (#1)",2014-11-13,yuange,windows,remote,0
+35229,platforms/windows/remote/35229.html,"Microsoft Internet Explorer <= 11 - OLE Automation Array Remote Code Execution (1)",2014-11-13,yuange,windows,remote,0
 35230,platforms/windows/remote/35230.rb,"Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)",2014-11-13,"Wesley Neelen & Rik van Duijn",windows,remote,0
 35231,platforms/php/webapps/35231.txt,"Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection Vulnerability",2011-01-16,ShivX,php,webapps,0
 35232,platforms/linux/remote/35232.txt,"Pango Font Parsing 'pangoft2-render.c' Heap Corruption Vulnerability",2011-01-18,"Dan Rosenberg",linux,remote,0
@ -33231,7 +33231,7 @@ id,file,description,date,author,platform,type,port
 36821,platforms/php/webapps/36821.txt,"WebUI 1.5b6 - Remote Code Execution Vulnerability",2015-04-23,"TUNISIAN CYBER",php,webapps,0
 36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0
 36823,platforms/php/webapps/36823.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi",2015-04-23,"Felipe Molina",php,webapps,0
-36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi #2",2015-04-23,"Felipe Molina",php,webapps,0
+36824,platforms/php/webapps/36824.txt,"Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi (2)",2015-04-23,"Felipe Molina",php,webapps,0
 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server DoS",2015-04-23,"Koorosh Ghorbani",hardware,dos,80
 36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0
 36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 (.wav) - SEH Based Buffer Overflow (W7 - DEP Bypass)",2015-04-24,naxxo,windows,local,0
@ -33486,7 +33486,7 @@ id,file,description,date,author,platform,type,port
 37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 - 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0
 37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0
 37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0
-37253,platforms/php/webapps/37253.txt,"Paypal Currencucy Converter Basic For Woocommerce File Read",2015-06-10,Kuroi'SH,php,webapps,0
+37253,platforms/php/webapps/37253.txt,"Paypal Currency Converter Basic For Woocommerce File Read",2015-06-10,Kuroi'SH,php,webapps,0
 37254,platforms/php/webapps/37254.txt,"Wordpress History Collection <=1.1.1 Arbitrary File Download",2015-06-10,Kuroi'SH,php,webapps,80
 37255,platforms/php/webapps/37255.txt,"Pandora FMS 5.0_ 5.1 - Authentication Bypass",2015-06-10,"Manuel Mancera",php,webapps,0
 37100,platforms/php/webapps/37100.txt,"Waylu CMS 'products_xx.php' SQL Injection and HTML Injection Vulnerabilities",2012-04-20,TheCyberNuxbie,php,webapps,0
@ -33632,3 +33632,4 @@ id,file,description,date,author,platform,type,port
 37262,platforms/linux/remote/37262.rb,"ProFTPD 1.3.5 Mod_Copy Command Execution",2015-06-10,metasploit,linux,remote,0
 37263,platforms/php/webapps/37263.txt,"AnimaGallery 2.6 - Local File Inclusion",2015-06-10,d4rkr0id,php,webapps,80
 37264,platforms/php/webapps/37264.txt,"WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF Vulnerability",2015-06-10,"Nitin Venkatesh",php,webapps,80
 37265,platforms/linux/local/37265.txt,"OSSEC 2.7 <= 2.8.1 - Local Root Escalation",2015-06-11,"Andrew Widdersheim",linux,local,0
--- a/platforms/linux/local/37265.txt
+++ b/platforms/linux/local/37265.txt
@ -0,0 +1,46 @@
 Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2
 Affected versions: 2.7 - 2.8.1
 Beginning is OSSEC 2.7 (d88cf1c9) a feature was added to syscheck, which
 is the daemon that monitors file changes on a system, called
 "report_changes". This feature is only available on *NIX systems. It's
 purpose is to help determine what about a file has changed. The logic to
 do accomplish this is as follows which can be found in
 src/syscheck/seechanges.c:
 252 /* Run diff */
 253 date_of_change = File_DateofChange(old_location);
 254 snprintf(diff_cmd, 2048, "diff \"%s\" \"%s\"> \"%s/local/%s/diff.%d\" "
 255     "2>/dev/null",
 256     tmp_location, old_location,
 257     DIFF_DIR_PATH, filename + 1, (int)date_of_change);
 258 if (system(diff_cmd) != 256) {
 259     merror("%s: ERROR: Unable to run diff for %s",
 260            ARGV0,  filename);
 261     return (NULL);
 262 }
 Above, on line 258, the system() call is used to shell out to the
 system's "diff" command. The raw filename is passed in as an argument
 which presents an attacker with the possibility to run arbitrary code.
 Since the syscheck daemon runs as the root user so it can inspect any
 file on the system for changes, any code run using this vulnerability
 will also be run as the root user.
 An example attack might be creating a file called "foo-$(touch bar)"
 which should create another file "bar".
 Again, this vulnerability exists only on *NIX systems and is contingent
 on the following criteria:
 1. A vulnerable version is in use.
 2. The OSSEC agent is configured to use syscheck to monitor the file
 system for changes.
 3. The list of directories monitored by syscheck includes those writable
 by underprivileged users.
 4. The "report_changes" option is enabled for any of those directories.
 The fix for this is to create temporary trusted file names that symlink
 back to the original files before calling system() and running the
 system's "diff" command.                                          
--- a/platforms/php/webapps/37253.txt
+++ b/platforms/php/webapps/37253.txt
@ -1,4 +1,4 @@
-# Exploit Title: Paypal Currencucy Converter Basic For Woocommerce File Read
+# Exploit Title: Paypal Currency Converter Basic For Woocommerce File Read
 # Google Dork: inurl:"paypal-currency-converter-basic-for-woocommerce"
 # Date: 10/06/2015
 # Exploit Author: Kuroi'SH