Juan Ramón

5 exploits Active since Sep 2012
CVE-2012-1617 WRITEUP WRITEUP
OSClass < 2.3.6 - Path Traversal and Arbitrary File Write via Combine.php Type Parameter
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.
CVE-2012-1617 WRITEUP WRITEUP
OSClass < 2.3.6 - Path Traversal and Arbitrary File Write via Combine.php Type Parameter
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.
CVE-2012-0973 WRITEUP WRITEUP
OSClass < 2.3.5 - SQL Injection via sCategory Parameter
Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearch.php and (2) findBySlug function oc-includes/osclass/model/Category.php. NOTE: some of these details are obtained from third party information.
CVE-2012-0974 WRITEUP WRITEUP
OSClass < 2.3.5 - Cross-Site Scripting via Search Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin parameters in a search action to index.php.
CVE-2012-1617 WRITEUP WRITEUP
OSClass < 2.3.6 - Path Traversal and Arbitrary File Write via Combine.php Type Parameter
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.