Simple PHP Agenda 2.2.8 SQL Injection

16 June 2013 - Source: http://www.mondounix.com
=============================================
WEBERA ALERT ADVISORY 02
- Discovered by: Anthony Dubuissez
- Severity: high
- CVE Request – 05/06/2013
- CVE Assign – 06/06/2013
- CVE Number – CVE-2013-3961
- Vendor notification – 06/06/2013
- Vendor reply – 10/06/2013
- Public disclosure – 11/06/2013
=============================================
 
I. VULNERABILITY
-------------------------
iSQL in php-agenda <= 2.2.8
 
II. BACKGROUND
-------------------------
Simple Php Agenda is « a simple agenda tool written in PHP with MySQL backend. An agenda tool accessible everywhere
there’s internet ».
 
III. DESCRIPTION
-------------------------
Php-Agenda 2.2.8 and lower versions contain a flaw that allows...

Read more »

Libretto CMS 2.2.2 Shell Upload

15 June 2013 - Source: http://www.mondounix.com
# Exploit Title   : LibrettoCMS 2.2.2 Malicious File Upload
# Date            : 14 June 2013
# Exploit Author  : CWH Underground
# Site            : www.2600.in.th
# Vendor Homepage : http://libretto.artwebonline.com/
# Software Link   : http://jaist.dl.sourceforge.net/project/librettocms/librettoCMS_v.2.2.2.zip
# Version         : 2.2.2
# Tested on       : Windows and Linux
 
#####################################################
DESCRIPTION
#####################################################
 
LibrettoCMS...

Read more »

Linux perf_swevent_init Local Root

15 June 2013 - Source: http://www.mondounix.com
/*
 * CVE-2013-2094 exploit x86_64 Linux < 3.8.9
 * by sorbo (sorbo@darkircop.org) June 2013
 *
 * Based on sd's exploit.  Supports more targets.
 *
 */
 
#define _GNU_SOURCE
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdint.h>
#include <sys/syscall.h>
#include <sys/mman.h>
#include <linux/perf_event.h>
#include <signal.h>
#include <assert.h>
 
#define BASE        0x380000000
#define BASE_JUMP   0x1780000000
#define SIZE        0x10000000
#define KSIZE       0x2000000
 
#define TMP(x) (0xdeadbeef + (x))
 
struct idt {
    uint16_t limit;
    uint64_t addr;
} __attribute__((packed));
 
static...

Read more »

WordPress NextGEN Gallery 1.9.12 Shell Upload

15 June 2013 - Source: http://www.mondounix.com
##############################################################
 
 
                      - S21Sec Advisory -
 
 
##############################################################
 
     Title:   NextGEN Gallery 1.9.12 Arbitrary File Upload
        ID:   S21SEC-046-en
    CVE ID:   CVE-2013-3684
  Severity:   High
    Status:   Fixed
   History:   27.May.2013 Vulnerability discovered
              28.May.2013 Vendor informed
              12.Jun.2013 Fix released
    Authors:  Marcos Agüero (maguero@s21sec.com)
       URL: http://www.s21sec.com/images/labs/advisories/s21sec-046-en.txt
   Release:   Public
 
 
[ SUMMARY ]
 
NextGEN Gallery is a WordPress gallery plugin that offers sophisticated...

Read more »

NanoBB 0.7 Cross Site Scripting / SQL Injection

13 June 2013 - Source: http://www.mondounix.com
# Exploit Title   : NanoBB 0.7 Multiple Vulnerabilities
# Date            : 10 June 2013
# Exploit Author  : CWH Underground
# Site            : www.2600.in.th
# Vendor Homepage : http://nanobb.sourceforge.net/
# Software Link   : heanet.dl.sourceforge.net/project/nanobb/v0.7.zip
# Version         : 0.7
# Tested on       : Windows and Linux
 
 
##############################################
VULNERABILITY:...

Read more »

MaxForum 2.0.0 Code Injection / LFI / Disclosure

13 June 2013 - Source: http://www.mondounix.com
# Exploit Title   : MaxForum 2.0.0 Multiple Vulnerabilities
# Date            : 9 June 2013
# Exploit Author  : CWH Underground
# Site            : www.2600.in.th
# Vendor Homepage : http://sourceforge.net/projects/maxforum/
# Software Link   : jaist.dl.sourceforge.net/project/maxforum/2.0.0/Max_v2.0.0.zip
# Version         : 2.0.0
# Tested on       : Windows and Linux
 
####################################
VULNERABILITY:...

Read more »

Resin Application Server 4.0.36 Cross Site Scripting

13 June 2013 - Source: http://www.mondounix.com
Resin Application Server 4.0.36 Cross-Site Scripting Vulnerabilities
 
 
Vendor: Caucho Technology, Inc.
Product web page: http://www.caucho.com
Affected version: Resin Professional Web And Application Server 4.0.36
 
Summary: Resin is the Java Application Server for high traffic
sites that require speed and scalability. It is one of the earliest
Java Application Servers, and has stood the test of time due to
engineering prowess.
 
Desc: Resin Application and Web Server The plugin suffers from a XSS
issue due to a failure to properly sanitize user-supplied input to
the 'logout' GET parameter in the 'index.php' script. URI-based XSS
issue is also present and both of the vulnerabilities can be triggered
once the...

Read more »

WordPress Ambience Cross Site Scripting

10 June 2013 - Source: http://www.mondounix.com
#####################################
Title:Xss In wordpress ambience theme
#####################
 
#Author:Darksnipper & Soul~Inj3ctor
 
#Email:Darksnipper@live.com
 
#####################################
#Home:-   www.MadLeeTs.com
#####################################
 
Theme Link:-Google About It :D
 
 
 
######################################################################
#P.o.c
 
http://127.0.0.1/wp-content/themes/ambience/thumb.php?src=<body onload=alert(/darksnipper/)>.jpg
 
 
 
Greetz:Dream.killer,Soul~inj3ct0r,Error
Haxor,Force-Ex,x3o-1337,Shadow008,1337,H4x0rl1f3,M4DSh4k,HaXor
KaKKa,Retno Pro, Tr4ck3r,b0x,Gujjar Pcp,madc0de Haxor,P4k
Command3r,Pain006,Anon...

Read more »

TESO Web 2.0 SQL Injection

10 June 2013 - Source: http://www.mondounix.com
============================================
TESO web 2.0 SQLInjection/ Blind SQLInjection
 
=============================================
 
I. VULNERABILITY
-------------------------
#Title: TESO SQLInjection/ Blind SQLInjection
#Vendor:http://www.tesoweb.com
#Author:Juan Carlos García (@secnight)
#Follow me 
 http://www.highsec.es
 http://hackingmadrid.blogspot.com
 http://blogs.0verl0ad.com
Twitter:@secnight
Facebook:https://www.facebook.com/pages/ETHICAL-HACKING-Y-OL%C3%89-by-the-Face-WhiteHat/172393869485449?ref=tn_tnmn
 
 
 
II. DESCRIPTION
-------------------------
 
TESO is a powerful, free lets you take control of your money and your portfolio, both at home and in your business.
 
Its...

Read more »

ScriptCase SQL Injection

10 June 2013 - Source: http://www.mondounix.com

Read more »