
Linux privileged and arbitrary chdir(),
1. VULNERABILITY linux privileged and arbitrary chdir(), this leads to an arbitrary file identification as root. ————————- 2. BACKGROUND mount.cifs (GNU Software) is part of linux base system, and is setuided on most of the distributions (archlinux, debian, ubuntu, …) This…

IPhone TreasonSMS – HTML Inject & File Include Vulnerability
Introduction: treasonSMS allows you to send SMS from your desktop computer. It turns your iPhone into a SMS webserver, so you can send sms and reply to SMS from your computer over wifi. Confirmed working with FF 3.5, Safari and…

Chengdu Bureau of Commerce – SQL Injection Vulnerability
References: http://www.vulnerability-lab.com/get_content.php?id=312 ——————– Introduction: May 20, by my bureau composed of 10 members, participated in by the Chinese Cycling Association, Chengdu Sports Bureau, Chong City People s Government s second bike fans in Chengdu, China Fitness Festival Second station (Chong…

XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software
Information Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Onur Yılmaz Advisory Reference : NS-12-006 ——————– Description Exponent is a website content management system (or CMS) that allows site owners to…

ChurchCMS 0.0.1 ‘admin.php’ Multiple SQLi
##### Description ##### ChurchCMS is the software to place on your church’s website that is easily managed, self-intuitive, yet expandable via our module library. Included features are: announcements, calendar, prayer requests manager, and help wanted manager. ##### Vulnerability #####…

Cross-site scripting vulnerability in Invision Power Board version 3.2.3
Information Name : Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Software : Invision Power Board version 3.2.3 Vendor Homepage : http://www.invisionpower.com Vulnerability Type : Cross-site scripting Severity : High Researcher : Vasil A. xss@9y.com Advisory Reference : NS-12-005…

e-ticketing’ SQL Injection
I. DESCRIPTION A vulnerability exists in loginscript.php that allows for SQL injection of the ‘user_name’ and ‘password’ POST parameters. ————————————— II. TESTED VERSION Released on 2011-11-30 (no versioning used) ————————————— III. PoC EXPLOIT POST a form to loginscript.php with the…

Hotel Booking Portal’ SQL Injection
I. DESCRIPTION A vulnerability exists in getcity.php that allows for SQL injection of the ‘country’ POST parameter. ————————————— II. TESTED VERSION 0.1 ————————————— III. PoC EXPLOIT POST a form to getcity.php with the value of ‘country’ set to: ‘ union…

File Existence Disclosure in Uploadify 3.0.0
I. DESCRIPTION Uploadify is a jQuery plugin that integrates a fully-customizable multiple file upload utility on your website. It uses a mixture of Javascript, ActionScript, and any server-side language to dynamically create an instance over any DOM element on a…

‘PHP Grade Book’ Unauthenticated SQL Database Export
I. DESCRIPTION A vulnerability exists in admin/index.php that allows for an unauthenticated user to export the entire application database by accessing the ‘Database Backup’ method without restriction. Due to the way sessions are handled, an attacker can then simply pass…

at32 Reverse Proxy – Multiple HTTP Header Field Denial Of Service Vulnerability
Product : at32 Reverse Proxy Version : v1.060.310 Vendor: http://www.at32.com/doc/rproxy.htm Class: Boundary Condition Error Remote: Yes Local: No Published: 2012-03-14 Impact : Medium (CVSS2 Base : 6.1, AV:A/AC:L/Au:N/C:N/I:N/A:C) Bug Description : At32 Reverse Proxy allows you to host several websites…

Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
Product: Yealink Easy VOIP Phone Homepage: http://www.yealink.com Impact: Medium Authentication: Required Author: Narendra Shinde ————————— Vendor description: Yealink is the professional designer and manufacturer of IP Phone and IP Video Phone for the world-wide broadband telephony market. For more than…

Recrutement
Rejoignez notre nouvelle communauté et participer à son bon développement* ! Nous recherchons : Des rédacteurs, responsables de la publication des actualités sur le blog (en cours) Des modérateurs, responsables du contenu et des membres du forum (en cours) Un…