Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• MyKtools 2.4 Arbitrary Database Backup Vulnerability (деталі)
• Aiocp 1.4 (poll_id) Remote SQL Injection Vulnerability (деталі)
• H2O-CMS <= 3.4 Remote Command Execution Exploit (mq = off) (деталі)
• WebCards <= 1.3 Remote SQL Injection Vulnerability (деталі)
• Mambo Component SimpleBoard <= 1.0.1 Arbitrary File Upload Exploit (деталі)
• 7Shop <= 1.1 Remote Arbitrary File Upload Exploit (деталі)
• e107 Plugin fm pro v1 (FD/Upload/DT) Multiple Remote Vulnerabilities (деталі)
• Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability (деталі)
• PacketTrap TFTPD 2.2.5459.0 Remote Denial of Service Exploit (деталі)
• H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability (деталі)
• Venalsur on-line Booking Centre (OfertaID) XSS/SQL Injection Vulns (деталі)
• Harlandscripts Pro Traffic One (mypage.php) SQL Injection Vulnerability (деталі)
• Pro Traffic One (poll_results.php id) Remote SQL Injection Vulnerability (деталі)
• MyPHP Forum <= 3.0 Edit Topics/Blind SQL Injection Vulnerabilities (деталі)
• Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• Ads Pro (dhtml.pl page) Remote Command Execution Exploit (деталі)
• MyForum 1.3 (lecture.php id) Remote SQL Injection Exploit (деталі)
• SFS Ez Forum (forum.php id) SQL Injection Vulnerability (деталі)
• MyKtools 2.4 (langage) Local File Inclusion Vulnerability (деталі)
• e107 Plugin alternate_profiles (id) SQL Injection Vulnerability (деталі)
• TlAds v1 Remote Insecure Cookie Handling Vulnerability (деталі)
• Persia BME E-Catalogue Remote SQL Injection Vulnerability (деталі)
• MyForum 1.3 (padmin) Local File Inclusion Vulnerability (деталі)
• Questcms (XSS/Directory Traversal/SQL) Multiple Remote Vulnerabilities (деталі)
• e107 Plugin EasyShop (category_id) Blind SQL Injection Exploit (деталі)
• TlGuestBook 1.2 Insecure Cookie Handling Vulnerability (деталі)
• Agares ThemeSiteScript 1.0 (loadadminpage) RFI Vulnerability (деталі)
• PersianBB (iranian_music.php id) Remote SQL Injection Vulnerability (деталі)
• MyForum 1.3 Insecure Cookie Handling Vulnerability (деталі)
• e107 Plugin BLOG Engine 2.1.4 Remote SQL Injection Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies (деталі)
• WebSVN <= 2.0 (XSS/FH/CE) Multiple Remote Vulnerabilities (деталі)
• Joomla Component Kbase 1.0 Remote SQL Injection Vulnerability (деталі)
• Joomla Component Archaic Binary Gallery Directory Traversal Vuln (деталі)
• SiteEngine 5.x Multiple Remote Vulnerabilities (деталі)
• Aj RSS Reader (EditUrl.php url) SQL Injection Vulnerability (деталі)
• NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability (деталі)
• BuzzyWall 1.3.1 (download id) Remote File Disclosure Vulnerability (деталі)
• vicFTP 5.0 (LIST) Remote Denial of Service Exploit (деталі)
• PHPdaily (SQL/XSS/LFD) Multiple Remote Vulnerabilities (деталі)
• PumpKIN TFTP Server 2.7.2.0 Denial of Service Exploit (meta) (деталі)
• Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities (деталі)
• Tlnews 2.2 Insecure Cookie Handling Vulnerability (деталі)
• PozScripts Classified Auctions (gotourl.php id) SQL Injection Vuln (деталі)
• ZyXel gateways vulnerability research (деталі)

В даній добірці експлоіти в веб додатках:

• Iamma Simple Gallery 1.0/2.0 Arbitrary File Upload Vulnerability (деталі)
• txtshop 1.0b (language) Local File Inclusion Vulnerability (win only) (деталі)
• SilverSHielD 1.0.2.34 (opendir) Denial of Service Exploit (деталі)
• CSPartner 1.0 (Delete All Users/SQL Injection) Remote Exploit (деталі)
• freeSSHd 1.2.1 sftp realpath Remote Buffer Overflow PoC (auth) (деталі)
• YDC (kdlist.php cat) Remote SQL Injection Vulnerability (деталі)
• DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability (деталі)
• Joomla Component ionFiles 4.4.2 File Disclosure Vulnerability (деталі)
• LoudBlog <= 0.8.0a (ajax.php) SQL Injection Vulnerability (auth) (деталі)
• phpcrs <= 2.06 (importFunction) Local File Inclusion Vulnerability (деталі)
• Joomla Component RWCards 3.0.11 Local File Inclusion Vulnerability (деталі)
• miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities (деталі)
• MindDezign Photo Gallery 2.2 Arbitrary Add Admin Exploit (деталі)
• MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability (деталі)
• KAPhotoservice - Remote SQL Injection Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Fast Click SQL 1.1.7 Lite (init.php) Remote File Inclusion Vulnerability (деталі)
• yappa-ng <= 2.3.3-beta0 (album) Local File Inclusion Vulnerability (деталі)
• e107 <= 0.7.13 (user_hidden_fields) Remote Blind SQL Injection Exploit (деталі)
• WBB Plugin rGallery 1.09 (itemID) Blind SQL Injection Exploit (деталі)
• Vivvo CMS <= 3.4 Multiple Vulnerabilities Destroyer Exploit (деталі)
• Joomla Component Nice Talk (tagid) SQL Injection Vulnerability (деталі)
• Joomla Component ds-syndicate (feed_id) SQL Injection Vulnerability (деталі)
• XOOPS Module makale Remote SQL Injection Vulnerability (деталі)
• Wysi Wiki Wyg 1.0 (LFI/XSS/PHPInfo) Remote Vulnerabilities (деталі)
• Limbo CMS (Private Messaging Component) SQL Injection Vulnerability (деталі)
• LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities (деталі)
• freeSSHd 1.2.1 sftp rename Remote Crash Exploit (деталі)
• ShopMaker 1.0 (product.php id) Remote SQL Injection Vulnerability (деталі)
• Joomla Component Daily Message 1.0.3 (id) SQL Injection Vuln (деталі)
• Exploits PEEL CMS Admin Hash Extraction and Remote Upload (деталі)

В даній добірці експлоіти в веб додатках:

• myStats (hits.php) Multiple Remote Vulnerabilities Exploit (деталі)
• AstroSPACES (id) Remote SQL Injection Vulnerability (деталі)
• iGaming CMS 2.0 Alpha 1 (search.php) Remote SQL Injection Exploit (деталі)
• Mantis Bug Tracker <= 1.1.3 Remote Code Execution Exploit (деталі)
• Post Affiliate Pro 2.0 (index.php md) Local File Inclusion Vulnerability (деталі)
• Calendars for the Web 4.02 Admin Auth Bypass Vulnerability (деталі)
• PHP Easy Downloader 1.5 (file) File Disclosure Vulnerability (деталі)
• PHP Easy Downloader <= 1.5 Remote File Creation Exploit (деталі)
• Nuke ET <= 3.4 (fckeditor) Remote Arbitrary File Upload Exploit (деталі)
• miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit (деталі)
• Meeting Room Booking System (MRBS) < 1.4 SQL Injection Exploit (деталі)
• zeeproperty (adid) Remote SQL Injection Vulnerability (деталі)
• phpFastNews 1.0.0 Insecure Cookie Handling Vulnerability (деталі)
• XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit (деталі)
• Exploits McAfee Framework <= 3.6.0.569 (ePolicy Orchestrator 4.0) format string (деталі)

В даній добірці експлоіти в веб додатках:

• RaidenFTPD 2.4 build 3620 Remote Denial of Service Exploit (деталі)
• XOOPS Module xhresim (index.php no) Remote SQL Injection Vuln (деталі)
• Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC (деталі)
• SezHoo 0.1 (IP) Remote File Inclusion Vulnerability (деталі)
• PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit (деталі)
• My PHP Dating (success_story.php id) SQL Injection Vulnerability (деталі)
• Titan FTP server 6.26 build 630 Remote Denial of Service Exploit (деталі)
• Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability (деталі)
• PokerMax Poker League Insecure Cookie Handling Vulnerability (деталі)
• IP Reg <= 0.4 Multiple Remote SQL Injection Vulnerabilities (деталі)
• Mic_blog 0.0.3 (SQL Injection/Privilege Escalation) Remote Exploit (деталі)
• Mosaic Commerce (category.php cid) SQL Injection Vulnerability (деталі)
• CafeEngine Multiple Remote SQL Injection Vulnerabilities (деталі)
• myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability (деталі)
• TFTP server tester (деталі)

В даній добірці експлоіти в веб додатках:

• LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit (деталі)
• Real Estate Scripts 2008 (index.php cat) SQL Injection Vulnerability (деталі)
• Globsy <= 1.0 Remote File Rewriting Exploit (деталі)
• mini-pub 0.3 Local Directory Traversal / File Disclosure Vulnerabilities (деталі)
• mini-pub 0.3 (LFD/CE) Multiple Remote Vulnerabilities (деталі)
• My PHP Indexer 1.0 (index.php) Local File Download Vulnerability (деталі)
• NewLife Blogger <= 3.0 Insecure Cookie Handling / SQL Injection Vuln (деталі)
• GuildFTPd 0.999.8.11/0.999.14 Heap Corruption PoC/DoS Exploit (деталі)
• XM Easy Personal FTP Server 5.6.0 Remote Denial of Service Exploit (деталі)
• LokiCMS 0.3.4 writeconfig() Remote Command Execution Exploit (деталі)
• LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit (деталі)
• IndexScript 3.0 (sug_cat.php parent_id) SQL Injection Vulnerability (деталі)
• ParsBlogger (links.asp id) Remote SQL Injection Vulnerability (деталі)
• Nuked-klaN <= 1.7.7 / <= SP4.4 Multiple Vulnerabilities Exploit (деталі)
• VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Camera Life 2.6.2b4 (SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Konqueror 3.5.9 (load) Remote Crash Vulnerability (деталі)
• WinFTP 2.3.0 (PASV mode) Remote Denial of Service Exploit (деталі)
• Ayco Okul Portali (linkid) SQL Injection Vulnerability (tr) (деталі)
• Easynet4u faq Host (faq.php faq) Remote SQL Injection Vulnerability (деталі)
• Easynet4u Forum Host (forum.php) SQL Injection Vulnerability (деталі)
• Easynet4u Link Host (cat_id) SQL Injection Vulnerability (деталі)
• Nokia Mini Map Browser (array sort) Silent Crash Vulnerability (деталі)
• MunzurSoft Wep Portal W3 (kat) SQL Injection Vulnerability (деталі)
• Joomla Component mad4joomla SQL Injection Vulnerability (деталі)
• Joomla Component Ignite Gallery 0.8.3 SQL Injection Vulnerability (деталі)
• SlimCMS <= 1.0.0 (redirect.php) Privilege Escalation Exploit (деталі)
• Joomla Component ownbiblio 1.5.3 (catid) SQL Injection Vulnerability (деталі)
• Absolute Poll Manager XE 4.1 (xlacomments.php) SQL Injection Vuln (деталі)
• IpSwitch WS_FTPSERVER with SSH remote Buffer Overflow (деталі)

Нещодавно була виявлена уразливість в Mozilla Firefox, що призводить до пошкодження пам’яті. Для якої був розроблений експлоіт.

Даний експлоіт я перевірив в Firefox 3.0.6.

• Mozilla Firefox XSL Parsing Remote Memory Corruption PoC 0day (деталі)

Уразливі версії Mozilla Firefox 3.0.7 та попередні версії.