{"published": "2012-05-27T00:00:00", "id": "1337DAY-ID-18367", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-20T00:49:39", "bulletin": {"published": "2012-05-27T00:00:00", "id": "1337DAY-ID-18367", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"score": {"value": 4.0, "modified": "2016-04-20T00:49:39"}}, "hash": "fc8d7ebd0f99aff83540c06f1112586759e5b61875a13686726dc8d91771c3fd", "description": "Exploit for php platform in category web applications", "type": "zdt", "lastseen": "2016-04-20T00:49:39", "edition": 1, "title": "EAFlashUpload Remote File Upload Vulnerability", "href": "http://0day.today/exploit/description/18367", "modified": "2012-05-27T00:00:00", "bulletinFamily": "exploit", "viewCount": 0, "cvelist": [], "sourceHref": "http://0day.today/exploit/18367", "references": [], "reporter": "Dr.SiLnT HilL", "sourceData": "-------------------------------------------------------------------+\r\n# Exploit Title : EAFlashUpload Remote File Upload\r\n# Date : 27-5-2012\r\n# Author : Dr.SiLnT HilL\r\n# Version : 2.6\r\n# Dork : inurl:\"EAFlashUpload\"\r\n# Download : http://www.easyalgo.com/Downloads/EasyAlgo.EAFlashUpload2.6.zip\r\n# Tested on : Window xp , pc3\r\n# Site : Hack-School.com\r\n# MaiL : Eghack@live.com\r\n+----------------------------------------------------------------------------------+\r\n\r\n+-------------------[ Exploit by Dr.SiLnT HilL ]-----------------------------------+\r\n\r\n+> p0c :\r\n\r\nhttp://localhost/EasyAlgo.EAFlashUpload2.6/Examples/PHP/simpleupload.php\r\n\r\nExploit :\r\n\r\nsimpleupload.php : and Upload \"PHP\" Files :D Simpel exploit\r\n\r\nFloder upload : /Examples/PHP/UploadedFiles/Shell.php :xD\r\n\r\n+----------------------------------------------------------------------------------------------------------------------------------+\r\nTnKs To :\r\n\r\n[#1337day.com Inj3ct0r Exploit DataBase \r\n| Mego | The MMa | Mr.Asla3eek | Soly HacKer | IraQeN H4X0rZ And All Froums Hack-School\r\n#################################\r\n\r\n\n\n# 0day.today [2016-04-19] #", "hashmap": [{"hash": "a4bac2241f75ffd8f088618eda74ec0b", "key": "sourceHref"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "614aa15c99a047d69233e861683607e0", "key": "title"}, {"hash": "495f7dae411c10926b3f14262bf025c9", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "079b5df498145420ae5777054c8ee177", "key": "published"}, {"hash": "f68cb6137e85e0278c74cfa2a978d3e9", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "3e9a1e15446f6bd0dab82754c7c1b8d1", "key": "reporter"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "079b5df498145420ae5777054c8ee177", "key": "modified"}], "objectVersion": "1.0"}}], "description": "Exploit for php platform in category web applications", "hash": "ed3dcd792bf38311ed143e9c75f63deb92e75fa174f0441a113a9ed453b36e5a", "enchantments": {"score": {"value": 0.4, "vector": "NONE", "modified": "2018-02-19T21:26:21"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18367"]}], "modified": "2018-02-19T21:26:21"}, "vulnersScore": 0.4}, "type": "zdt", "lastseen": "2018-02-19T21:26:21", "edition": 2, "title": "EAFlashUpload Remote File Upload Vulnerability", "href": "https://0day.today/exploit/description/18367", "modified": "2012-05-27T00:00:00", "bulletinFamily": "exploit", "viewCount": 2, "cvelist": [], "sourceHref": "https://0day.today/exploit/18367", "references": [], "reporter": "Dr.SiLnT HilL", "sourceData": "-------------------------------------------------------------------+\r\n# Exploit Title : EAFlashUpload Remote File Upload\r\n# Date : 27-5-2012\r\n# Author : Dr.SiLnT HilL\r\n# Version : 2.6\r\n# Dork : inurl:\"EAFlashUpload\"\r\n# Download : http://www.easyalgo.com/Downloads/EasyAlgo.EAFlashUpload2.6.zip\r\n# Tested on : Window xp , pc3\r\n# Site : Hack-School.com\r\n# MaiL : [email\u00a0protected]\r\n+----------------------------------------------------------------------------------+\r\n\r\n+-------------------[ Exploit by Dr.SiLnT HilL ]-----------------------------------+\r\n\r\n+> p0c :\r\n\r\nhttp://localhost/EasyAlgo.EAFlashUpload2.6/Examples/PHP/simpleupload.php\r\n\r\nExploit :\r\n\r\nsimpleupload.php : and Upload \"PHP\" Files :D Simpel exploit\r\n\r\nFloder upload : /Examples/PHP/UploadedFiles/Shell.php :xD\r\n\r\n+----------------------------------------------------------------------------------------------------------------------------------+\r\nTnKs To :\r\n\r\n[#1337day.com Inj3ct0r Exploit DataBase \r\n| Mego | The MMa | Mr.Asla3eek | Soly HacKer | IraQeN H4X0rZ And All Froums Hack-School\r\n#################################\r\n\r\n\n\n# 0day.today [2018-02-19] #", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "230d7d764a187ff4c55cb08bd81f6164", "key": "href"}, {"hash": "079b5df498145420ae5777054c8ee177", "key": "modified"}, {"hash": "079b5df498145420ae5777054c8ee177", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "3e9a1e15446f6bd0dab82754c7c1b8d1", "key": "reporter"}, {"hash": "fb46bfa8ba0371543190caf2039936fa", "key": "sourceData"}, {"hash": "ba13da2990fca94b35b94d79aa8c265c", "key": "sourceHref"}, {"hash": "614aa15c99a047d69233e861683607e0", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "objectVersion": "1.3"}

{"securityvulns": [{"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n National Cyber Alert System\r\n Technical Cyber Security Alert TA07-310A\r\n\r\n\r\nApple QuickTime Updates for Multiple Vulnerabilities\r\n\r\n Original release date: November 06, 2007\r\n Last revised: --\r\n Source: US-CERT\r\n\r\nSystems Affected\r\n\r\n Vulnerabilities in Apple QuickTime affect\r\n * Apple Mac OS X\r\n * Microsoft Windows\r\n\r\nOverview\r\n\r\n Apple QuickTime contains multiple vulnerabilities. Exploitation of\r\n these vulnerabilities could allow a remote attacker to execute\r\n arbitrary code or cause a denial-of-service condition.\r\n\r\nI. Description\r\n\r\n Apple QuickTime 7.3 resolves multiple vulnerabilities in the way\r\n different types of image and media files are handled. An attacker\r\n could exploit these vulnerabilities by convincing a user to access a\r\n specially crafted image or media file that could be hosted on a web\r\n page.\r\n\r\n Note that Apple iTunes installs QuickTime, so any system with iTunes\r\n is vulnerable.\r\n\r\nII. Impact\r\n\r\n These vulnerabilities could allow a remote, unauthenticated attacker\r\n to execute arbitrary code or commands and cause a denial-of-service\r\n condition. For further information, please see About the security\r\n content of QuickTime 7.3.\r\n\r\nIII. Solution\r\n\r\nUpgrade QuickTime\r\n\r\n Upgrade to QuickTime 7.3. This and other updates for Mac OS X are\r\n available via Apple Update.\r\n\r\nSecure your web browser\r\n\r\n To help mitigate these and other vulnerabilities that can be exploited\r\n via a web browser, refer to Securing Your Web Browser.\r\n\r\nReferences\r\n\r\n * About the security content of the QuickTime 7.3 Update -\r\n <http://docs.info.apple.com/article.html?artnum=306896>\r\n \r\n * How to tell if Software Update for Windows is working correctly when no updates are\r\navailable -\r\n <http://docs.info.apple.com/article.html?artnum=304263>\r\n \r\n * Apple QuickTime Download - <http://www.apple.com/quicktime/download/>\r\n \r\n * Mac OS X: Updating your software -\r\n <http://docs.info.apple.com/article.html?artnum=106704>\r\n \r\n * Securing Your Web Browser -\r\n <http://www.us-cert.gov/reading_room/securing_browser/>\r\n \r\n _________________________________________________________________\r\n\r\n The most recent version of this document can be found at:\r\n\r\n <http://www.us-cert.gov/cas/techalerts/TA07-310A.html>\r\n _________________________________________________________________\r\n\r\n Feedback can be directed to US-CERT Technical Staff. Please send\r\n email to <cert@cert.org> with "TA07-310A Feedback VU#208011" in the\r\n subject.\r\n _________________________________________________________________\r\n\r\n For instructions on subscribing to or unsubscribing from this\r\n mailing list, visit <http://www.us-cert.gov/cas/signup.html>.\r\n _________________________________________________________________\r\n\r\n Produced 2007 by US-CERT, a government organization.\r\n\r\n Terms of use:\r\n\r\n <http://www.us-cert.gov/legal.html>\r\n _________________________________________________________________\r\n\r\nRevision History\r\n\r\n November 6, 2007: Initial release\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.1 (GNU/Linux)\r\n\r\niQEVAwUBRzD0F/RFkHkM87XOAQLSVwf+LsCvcentaE5ATCISYhYd31ionkGNS9cn\r\nLeBC+yCyR330ztfQ9iBphoxxp+fYKpa/RRfnFHqJlv80HYYOiJvnunCdOY5IAbo5\r\nZyS2vou/ArW5WzJqk9Yq+31hClKQOIoLf/+NcUc7iKkfSBUC8/RsspascX31a1U+\r\ndMF217Q/i9imjMhHr+PXZagRT1naUo8ygeDZ+94Vq+3XUB6qZb6rux8vFdVX3nEY\r\nyvg02JJTVpHy14Nk0KXfXwEq2Hc9uNTa/KwKknJMVqzev4eCAn+/wb424JxoKhqG\r\nlthnzMr/US4Q0NLKpFStcNyETEiKgM9RuZ4v6OWc+nJKVe+QwrDYhQ==\r\n=9WUY\r\n-----END PGP SIGNATURE-----", "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "SECURITYVULNS:DOC:18367", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18367", "title": "US-CERT Technical Cyber Security Alert TA07-310A -- Apple QuickTime Updates for Multiple Vulnerabilities", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}