
14 new exploits

Linux - Reverse Shell Shellcode (66 bytes)
Joomla! Component com_Joomlaoc - 'id' SQL Injection
Joomla! Component Joomloc 1.0 - 'id' Parameter SQL Injection
Joomla! Component com_awdwall 1.5.4 - Local File Inclusion / SQL Injection
Joomla! Component AWDwall 1.5.4 - Local File Inclusion / SQL Injection
Joomla! Component 'com_osproperty' 2.0.2 - Unrestricted Arbitrary File Upload
Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload
Horde 3.3.5 - Administration Interface admin/PHPshell.php PATH_INFO Parameter Cross-Site Scripting
Horde 3.3.5 - Cross-Site Scripting
Joomla! Component Joomloc-CAT 4.1.3 - 'ville' Parameter SQL Injection
Joomla! Component Joomloc-Lite 1.3.2 - 'site_id' Parameter SQL Injection
Joomla! Component JomWALL 4.0 - 'wuid' Parameter SQL Injection
Joomla! Component OS Property 3.0.8 - SQL Injection
Joomla! Component EShop 2.5.1 - 'id' Parameter SQL Injection
Joomla! Component OS Services Booking 2.5.1 - SQL Injection
Joomla! Component Room Management 1.0 - SQL Injection
Joomla! Component Bazaar Platform 3.0 - SQL Injection
Joomla! Component Google Map Store Locator 4.4 - SQL Injection
Joomla! Component Most Wanted Real Estate 1.1.0 - SQL Injection
NETGEAR DGN2200v1/v2/v3/v4 - 'ping.cgi' Remote Command Execution
Sawmill Enterprise 8.7.9 - Authentication Bypass
PHPShell 2.4 - Session Fixation
11 lines
No EOL
696 B
Text
Executable file
source: http://www.securityfocus.com/bid/37351/info

Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects versions prior to Horde 3.3.6.

Note that additional products that use the Horde framework may also be vulnerable.

http://www.example.com/horde-3.3.5/admin/phpshell.php/%22%3E%3Cscript%3Ealert%288%29;%3C/script%3E%3Cform%20/?Horde=<sessid>
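Review bot: The added file is a plain-text advisory, yet the viewer reports it as an executable file with no end-of-line at the end; commit it without the executable bit and terminate the last line (the PoC URL) with a newline. The description also never names the vulnerable input: only the commit message says it is the PATH_INFO of admin/phpshell.php, so add that sentence to the file next to the "versions prior to Horde 3.3.6" line, letting a reader who triages from the file alone see which endpoint to patch or filter.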