Upload Wap Remote File Upload Vulnerability

28 May 2012 - Source: http://www.mondounix.com
-------------------------------------------------------------------+
# Exploit Title : Upload Wap Remote File UpLoad
# Author        : Dr.SiLnT HilL
# Version       : all
# Dork          : inurl:"/upload/jpeg.php"
# Tested on     : Window xp , pc3
# Site          : Hack-School.com
# MaiL          : Eghack@live.com
+----------------------------------------------------------------------------------+
 
+-------------------[ Exploit by Dr.SiLnT HilL ]-----------------------------------+
 
+> p0c :
 
http://localhost/upload/jpeg.php : upload file jpeg l shell.php.JPEG
 
Upload  Ev!L sh.php.JPEG 
 
Folder Shell : upload/jpeg/sh.php.JPEG
 
+----------------------------------------------------------------------------------------------------------------------------------+
TnKs...


b2ePMS 1.0 multiple SQLi Vulnerabilities

28 May 2012 - Source: http://www.mondounix.com
# Title: b2ePMS 1.0 multiple SQLi Vulnerabilities
# Version: 1.0
# Author/Found by: loneferret
# Manufacturer/Software link: https://developer.berlios.de/projects/b2epms/
# Other vulnerability: http://www.exploit-db.com/exploits/18882/
 
# Date found: May 27th 2012
# Tested on: Ubuntu Server 8.04 / PHP Version 5.2.4-2ubuntu5.23
 
# Vulnerability:
# Due to improper input sanitization, pretty much every conceivable parameter is
# SQL injectable. Although to exploit many of these parameters, one needs to be logged
# in, but the main page (index.php) offers a form to send a recipient a message.
# This form does not require authentication.
 
# Severity:
# Well if anyone actually uses this, I suppose it would be high. But...


WeBid converter.php Remote PHP Code Injection

28 May 2012 - Source: http://www.mondounix.com
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
#   http://metasploit.com/
##
 
require 'msf/core'
 
class Metasploit3 < Msf::Exploit::Remote
...


WhyWeb – SQL Injection Vulnerability

27 May 2012 - Source: http://www.mondounix.com


Pligg CMS multiple vulnerability

25 May 2012 - Source: http://www.mondounix.com
Advisory ID: HTB23089
Product: Pligg CMS 
Vendor: Pligg, LLC.
Vulnerable Version(s): 1.2.1 and probably prior
Tested Version: 1.2.1
Vendor Notification: 25 April 2012 
Vendor Patch: 18 May 2012 
Public Disclosure: 23 May 2012 
Vulnerability Type: Local File Inclusion, Cross-Site Scripting (XSS) 
CVE References: CVE-2012-2435, CVE-2012-2436
Solution Status: Fixed by Vendor
Risk Level: Medium 
Credit: High-Tech Bridge SA Security Research Lab ( https://www.htbridge.com/advisory/ ) 
 
-----------------------------------------------------------------------------------------------
 
Advisory Details:
 
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pligg CMS , which can be exploited...


pragmaMx multiple XSS vulnerability

25 May 2012 - Source: http://www.mondounix.com
Advisory ID: HTB23090
Product: pragmaMx
Vendor: pragmaMx Team
Vulnerable Version(s): 1.12.1 and probably prior
Tested Version: 1.12.1
Vendor Notification: 2 May 2012 
Vendor Patch: 4 May 2012 
Public Disclosure: 23 May 2012 
Vulnerability Type: Cross-Site Scripting (XSS)
CVE Reference: CVE-2012-2452
Solution Status: Fixed by Vendor
Risk Level: Medium 
Credit: High-Tech Bridge SA Security Research Lab ( https://www.htbridge.com/advisory/ ) 
 
-----------------------------------------------------------------------------------------------
 
Advisory Details:
 
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in pragmaMx, which can be exploited to perform Cross-Site Scripting (XSS) attacks.
 
 
1)...


Social Engine 4.2.2 Multiples Vulnerabilities

25 May 2012 - Source: http://www.mondounix.com
Social Engine 4.2.2 Multiples Vulnerabilities
Earlier versions are also possibly vulnerable.
 
INFORMATION
 
Product: Social Engine 4.2.2
Remote-Exploit: yes
Vendor-URL: http://www.socialengine.net/
Discovered by: Tiago Natel de Moura aka "i4k"
Discovered at: 10/04/2012
CVE Notified: 10/04/2012
CVE Number: CVE-2012-2216
 
OVERVIEW
 
Social Engine version 4.2.2 is vulnerable to XSS and CSRF.
 
INTRODUCTION
 
SocialEngine is a PHP-based white-label social networking service platform, that provides features similar to a social network on a user's website. Main features include administration of small-to-mid scale social networks, some customization abilities, unencrypted code, multilingual capability,...


appRain CMF Arbitrary PHP File Upload Vulnerability

24 May 2012 - Source: http://www.mondounix.com
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
#   http://metasploit.com/framework/
##
 
require 'msf/core'
 
class Metasploit3 < Msf::Exploit::Remote
...


Jaow 2.4.5 Blind Sql Injection

24 May 2012 - Source: http://www.mondounix.com
# Exploit Title: Jaow <= 2.4.5 Blind Sql Injection
# Google Dork: intext:"propuls par jaow 2.4.5"
# Date: 23/05/2012
# Software Link: http://www.jaow.net/telechargements/Jaow_V2.4.5.zip
# Version: 2.4.5
# Tested on: Debian GNU/Linux
# Author: kallimero
 
 
= Introduction =
 
 
Jaow is a CMS that can manage sites of small sizes, thanks to its simple, commented code you can easily create templates and / or create modules to suit your needs. Jaow is the solution for small sites, blogs or portfolio.
 
= Details =
 
Unfortunately, a Blind SQL injection is possible in the 2.4.5 core.
 
Vulnerable page : add_ons.php
Extract from the source :
 
-------------[ add_ons.php ]--------------
...
