본문으로 바로가기

HKWT-2016-0001 / CVE-SEARCH

category Defensive Security/Linux 2016.06.29 13:24

목차

1. 개요

취약점을 체계적으로 관리를 위해 마이트레에서 CVE코드를 부여했다. 이 코드는 특정 취약점을 고유한 번호를 할당하여 관리할 수 있다. 이러한 CVE를 할당받은 취약점을 다양한 리소스를 포함하여 체계적으로 관리할 수 있게 만들어진 오픈소스 도구가 CVE-SEARCH이다.

2. 설치

설치는 우분투에서 진행하지만 파이썬3로 사용하기에 다른 운영체제에서도 구현할 수 있다. 데이터베이스는 몽고DB를 사용하기에 몽고DB를 다운로드받고 설치해야한다. 특히 CVE-SEARCH는 2 버전대의 몽고DB를 사용한다. 다음과 같이 몽고DB 레파지토리를 등록한다.

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list

이제 저장소에서 설치 가능한 애플리케이션 리스트를 가지고 온다.

sudo apt-get update

이제 몽고db 2.6.2 버전을 설치하고 파이선3 pip와 CVE-SEARCH를 다운받기 위한 git 그리고 일부 파일을 편집하기 위해 vim을 설치한다.

sudo apt-get install mongodb-org=2.6.2 mongodb-org-server=2.6.2 mongodb-org-shell=2.6.2 mongodb-org-mongos=2.6.2 mongodb-org-tools=2.6.2 python3-pip git vim

설치가 끝났다면 CVE-SEARCH를 다운로드한다.

git clone https://github.com/cve-search/cve-search

다운로드 받은 CVE-SEARCH에 필요한 파이썬 3 라이브러리를 설치한다.

cd cve-search
sudo pip3 install -r requirements.txt

CVE-SEARCH에서 사용하는 데이터베이스 중 하나는 redis 서버를 요구하기에 다음과 같이 구성한다.

sudo apt-get install build-essential tcl8.5
wget http://download.redis.io/releases/redis-stable.tar.gz
tar xzf redis-stable.tar.gz
cd redis-stable
make
make test
sudo make install
sudo ./utils/install_server.sh
sudo service redis_6379 start
cd ..

3. 데이터베이스 업데이트

데이터베이스 업데이트는 CVE-SEARCH의 sbin 디렉터리에서 진행한다. 해당 디렉터리에 접근하면 다음과 같은 파일 리스트를 볼 수 있다.

ls -al
total 112
drwxrwxr-x  2 hakawati hakawati  4096  6월 28 15:39 .
drwxrwxr-x 11 hakawati hakawati  4096  6월 28 15:44 ..
-rwxrwxr-x  1 hakawati hakawati  2586  6월 28 15:39 db_blacklist.py
-rwxrwxr-x  1 hakawati hakawati  2122  6월 28 15:39 db_cpe_browser.py
-rwxrwxr-x  1 hakawati hakawati  2549  6월 28 15:39 db_fulltext.py
-rwxrwxr-x  1 hakawati hakawati  4393  6월 28 15:39 db_mgmt_admin.py
-rwxrwxr-x  1 hakawati hakawati  6926  6월 28 15:39 db_mgmt_capec.py
-rwxrwxr-x  1 hakawati hakawati  3172  6월 28 15:39 db_mgmt_cpe_dictionary.py
-rwxrwxr-x  1 hakawati hakawati  2566  6월 28 15:39 db_mgmt_cpe_other_dictionary.py
-rwxrwxr-x  1 hakawati hakawati  1140  6월 28 15:39 db_mgmt_create_index.py
-rwxrwxr-x  1 hakawati hakawati  4026  6월 28 15:39 db_mgmt_cwe.py
-rwxrwxr-x  1 hakawati hakawati  3641  6월 28 15:39 db_mgmt_d2sec.py
-rwxrwxr-x  1 hakawati hakawati  1668  6월 28 15:39 db_mgmt_exploitdb.py
-rwxrwxr-x  1 hakawati hakawati  2926  6월 28 15:39 db_mgmt_ms.py
-rwxrwxr-x  1 hakawati hakawati 10825  6월 28 15:39 db_mgmt.py
-rwxrwxr-x  1 hakawati hakawati  2666  6월 28 15:39 db_mgmt_ref.py
-rwxrwxr-x  1 hakawati hakawati  3960  6월 28 15:39 db_mgmt_vendorstatements.py
-rwxrwxr-x  1 hakawati hakawati  2325  6월 28 15:39 db_mgmt_vfeed.py
-rwxrwxr-x  1 hakawati hakawati  4637  6월 28 15:39 db_notification.py
-rwxrwxr-x  1 hakawati hakawati  3323  6월 28 15:39 db_ranking.py
-rwxrwxr-x  1 hakawati hakawati  6337  6월 28 15:39 db_updater.py
-rwxrwxr-x  1 hakawati hakawati  2572  6월 28 15:39 db_whitelist.py

이 중에 데이터베이스를 업데이트하기 위한 핵심 파일을 세 가지 이며, 이 셋을 다음과 같이 실행시켜 구성한다. 각각의 업데이트는 시간이 많이 소비된다. db_mgmt.py로 업데이트를 성공하면 다음과 같은 기록을 볼 수 있다.

python3 db_mgmt.py -p
Database population started
Importing CVEs for year 2002
Importing CVEs for year 2003
Importing CVEs for year 2004
Importing CVEs for year 2005
Importing CVEs for year 2006
Importing CVEs for year 2007
Importing CVEs for year 2008
Importing CVEs for year 2009
Importing CVEs for year 2010
Importing CVEs for year 2011
Importing CVEs for year 2012
Importing CVEs for year 2013
Importing CVEs for year 2014
Importing CVEs for year 2015
Importing CVEs for year 2016

db_mgmt_cpe_dictionary.py로 업데이트 성공하면 다음과 같은 기록을 볼 수 있다.

python3 db_mgmt_cpe_dictionary.py
Preparing [##################################################] 113738/113738

db_updater.py로 업데이트 성공하면 다음과 같은 기록을 볼 수 있다.

python3 db_updater.py -c
INFO:root:Starting cves
Preparing [##################################################] 57/57
INFO:root:cves has 77455 elements (0 update)
INFO:root:Starting cpe
Not modified
INFO:root:cpe has 113647 elements (0 update)
INFO:root:Starting vfeed
Preparing [##################################################] 28/28
INFO:root:vfeed has 78593 elements (177 update)
INFO:root:Starting vendor
Preparing [##################################################] 1460/1460
INFO:root:vendor has 1425 elements (1425 update)
INFO:root:Starting cwe
Preparing [##################################################] 719/719
INFO:root:cwe has 719 elements (719 update)
INFO:root:Starting capec
Preparing [##################################################] 463/463
INFO:root:capec has 463 elements (463 update)
INFO:root:Starting redis-cache-cpe
INFO:root:redis-cache-cpe updated
INFO:root:Starting d2sec
{'url': 'http://www.d2sec.com/exploits/openconf_sql_injection.html', 'name': 'OpenConf SQL Injection', 'id': 'CVE-2012-1002'}
{'url': 'http://www.d2sec.com/exploits/phpdocumentor_1.3_rc4_rfi.html', 'name': 'phpDocumentor 1.3 RC4 RFI', 'id': 'CVE-2007-3228'}
{'url': 'http://www.d2sec.com/exploits/xibo_1.4.1_lfi.html', 'name': 'Xibo 1.4.1 LFI', 'id': 'CVE-2013-5979'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_helpdeskpro_sql_injection.html', 'name': 'Joomla Component com_helpdeskpro SQL Injection', 'id': 'CVE-2015-4073'}
{'url': 'http://www.d2sec.com/exploits/glpi_0.84.1_rce.html', 'name': 'GLPI 0.84.1 RCE', 'id': 'CVE-2013-5696'}
{'url': 'http://www.d2sec.com/exploits/openemr_4.1.2_forms_admin.php_sql_injection.html', 'name': 'OpenEMR 4.1.2 forms_admin.php SQL Injection', 'id': 'CVE-2014-5462'}
{'url': 'http://www.d2sec.com/exploits/phpfox_rce.html', 'name': 'phpFox RCE', 'id': 'CVE-2012-1300'}
{'url': 'http://www.d2sec.com/exploits/php-fusion_7.02.05_downloads.php_sql_injection.html', 'name': 'PHP-Fusion 7.02.05 downloads.php SQL Injection', 'id': 'CVE-2013-1803'}
{'url': 'http://www.d2sec.com/exploits/novell_groupwise_8_document_viewer_file_disclosure.html', 'name': 'Novell GroupWise 8 Document Viewer File Disclosure', 'id': 'CVE-2010-4715'}
{'url': 'http://www.d2sec.com/exploits/manageengine_desktop_central_9.0.0_file_upload.html', 'name': 'ManageEngine Desktop Central 9.0.0 File Upload', 'id': 'CVE-2014-5005'}
{'url': 'http://www.d2sec.com/exploits/novell_groupwise_8_webaccess_file_disclosure.html', 'name': 'Novell GroupWise 8 WebAccess File Disclosure', 'id': 'CVE-2010-4715'}
{'url': 'http://www.d2sec.com/exploits/openemr_4.1.1_logview.php_sql_injection.html', 'name': 'OpenEMR 4.1.1 logview.php SQL Injection', 'id': 'CVE-2014-5462'}
{'url': 'http://www.d2sec.com/exploits/phpgedview_4.2.3_lfi.html', 'name': 'PhpGedView 4.2.3 LFI', 'id': 'CVE-2011-0405'}
{'url': 'http://www.d2sec.com/exploits/yappa-ng_2.3.2_lfi.html', 'name': 'yappa-ng 2.3.2 LFI', 'id': 'CVE-2008-4626'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_horoscope_lfi.html', 'name': 'Joomla Component com_horoscope LFI', 'id': 'CVE-2010-1472'}
{'url': 'http://www.d2sec.com/exploits/helpdezk_1.0.1_file_upload.html', 'name': 'HelpDEZk 1.0.1 File Upload', 'id': 'CVE-2014-8337'}
{'url': 'http://www.d2sec.com/exploits/manageengine_desktop_central_9.0.0_fileuploadservlet_file_upload.html', 'name': 'ManageEngine Desktop Central 9.0.0 FileUploadServlet File Upload', 'id': 'CVE-2015-8249'}
{'url': 'http://www.d2sec.com/exploits/phpldapadmin_1.2.1.1_rce.html', 'name': 'phpLDAPadmin 1.2.1.1 RCE', 'id': 'CVE-2011-4075'}
{'url': 'http://www.d2sec.com/exploits/vbulletin_5.0.0_beta_xx_sql_injection.html', 'name': 'vBulletin 5.0.0 Beta xx SQL Injection', 'id': 'CVE-2013-3522'}
{'url': 'http://www.d2sec.com/exploits/zabbix_=_1.8.4_sql_injection.html', 'name': 'Zabbix <= 1.8.4 SQL Injection', 'id': 'CVE-2011-4674'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_hsconfig_1.5_lfi.html', 'name': 'Joomla Component com_hsconfig 1.5 LFI', 'id': 'CVE-2010-1314'}
{'url': 'http://www.d2sec.com/exploits/horde__3.3.2_lfi.html', 'name': 'Horde < 3.3.2 LFI', 'id': 'CVE-2009-0932'}
{'url': 'http://www.d2sec.com/exploits/openx_2.6.3_lfi.html', 'name': 'OpenX 2.6.3 LFI', 'id': 'CVE-2009-0291'}
{'url': 'http://www.d2sec.com/exploits/phplist_2.10.7_lfi.html', 'name': 'phpList 2.10.7 LFI', 'id': 'CVE-2008-5887'}
{'url': 'http://www.d2sec.com/exploits/vbulletin_5.x_remote_administrator_injection.html', 'name': 'vBulletin 5.x Remote Administrator Injection', 'id': 'CVE-2013-6129'}
{'url': 'http://www.d2sec.com/exploits/zabbix_2.0_sql_injection.html', 'name': 'Zabbix 2.0 SQL Injection', 'id': 'CVE-2012-3435'}
{'url': 'http://www.d2sec.com/exploits/vbulletin_4.1.x_rce.html', 'name': 'vBulletin 4.1.x RCE', 'id': 'CVE-2013-6129'}
{'url': 'http://www.d2sec.com/exploits/horde_rce.html', 'name': 'Horde RCE', 'id': 'CVE-2012-0209'}
{'url': 'http://www.d2sec.com/exploits/zabbix_httpmon.php_sql_injection.html', 'name': 'Zabbix httpmon.php SQL Injection', 'id': 'CVE-2013-5743'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jeguestbook_1.0_lfi.html', 'name': 'Joomla Component com_jeguestbook 1.0 LFI', 'id': 'CVE-2010-4865'}
{'url': 'http://www.d2sec.com/exploits/phpmoneybooks_lfi.html', 'name': 'phpMoneyBooks LFI', 'id': 'CVE-2012-1669'}
{'url': 'http://www.d2sec.com/exploits/zen_cart_1.5.4_lfi.html', 'name': 'Zen Cart 1.5.4 LFI', 'id': 'CVE-2015-8352'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jfeedback_1.2_lfi.html', 'name': 'Joomla Component com_jfeedback 1.2 LFI', 'id': 'CVE-2010-1478'}
{'url': 'http://www.d2sec.com/exploits/v-cms_1.0_file_upload.html', 'name': 'V-CMS 1.0 File Upload', 'id': 'CVE-2011-4828'}
{'url': 'http://www.d2sec.com/exploits/hycus_cms_1.0.3_lfi.html', 'name': 'Hycus CMS 1.0.3 LFI', 'id': 'CVE-2010-4613'}
{'url': 'http://www.d2sec.com/exploits/openx_2.8.11_sql_injection.html', 'name': 'OpenX 2.8.11 SQL Injection', 'id': 'CVE-2013-7149'}
{'url': 'http://www.d2sec.com/exploits/zenphoto_1.4.2_rce.html', 'name': 'Zenphoto 1.4.2 RCE', 'id': 'CVE-2012-0993'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jimtawl_1.0.2_lfi.html', 'name': 'Joomla Component com_jimtawl 1.0.2 LFI', 'id': 'CVE-2010-4769'}
{'url': 'http://www.d2sec.com/exploits/bitweaver_2.7_lfi.html', 'name': 'Bitweaver 2.7 LFI', 'id': 'CVE-2010-5086'}
{'url': 'http://www.d2sec.com/exploits/openx_2.8.6_file_upload.html', 'name': 'OpenX 2.8.6 File Upload', 'id': 'CVE-2009-4140'}
{'url': 'http://www.d2sec.com/exploits/sitracker_sit_file_upload.html', 'name': 'Sitracker SIT File Upload', 'id': 'CVE-2011-3829'}
{'url': 'http://www.d2sec.com/exploits/sitracker_sit_file_upload.html', 'name': 'Sitracker SIT File Upload', 'id': 'CVE-2011-3833'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.2_file_upload.html', 'name': 'Symantec Web Gateway 5.0.2 File Upload', 'id': 'CVE-2012-0299'}
{'url': 'http://www.d2sec.com/exploits/bitweaver_2.8.1_lfi.html', 'name': 'Bitweaver 2.8.1 LFI', 'id': 'CVE-2012-5192'}
{'url': 'http://www.d2sec.com/exploits/piwik_0.4.3_file_upload.html', 'name': 'Piwik 0.4.3 File Upload', 'id': 'CVE-2009-4140'}
{'url': 'http://www.d2sec.com/exploits/sophos_web_protection_appliance_3.7.8.1_file_disclosure.html', 'name': 'Sophos Web Protection Appliance 3.7.8.1 File Disclosure', 'id': 'CVE-2013-2641'}
{'url': 'http://www.d2sec.com/exploits/hp_system_management_homepage_rce.html', 'name': 'HP System Management Homepage RCE', 'id': 'CVE-2013-3576'}
{'url': 'http://www.d2sec.com/exploits/sophos_web_protection_appliance_3.8.1_rce.html', 'name': 'Sophos Web Protection Appliance 3.8.1 RCE', 'id': 'CVE-2013-4983'}
{'url': 'http://www.d2sec.com/exploits/sophos_web_protection_appliance_3.8.1_rce.html', 'name': 'Sophos Web Protection Appliance 3.8.1 RCE', 'id': 'CVE-2013-4984'}
{'url': 'http://www.d2sec.com/exploits/zonphp_2.25_file_upload.html', 'name': 'ZonPHP 2.25 File Upload', 'id': 'CVE-2009-4140'}
{'url': 'http://www.d2sec.com/exploits/lenovo_thinkmanagement_console_9.0.3_file_upload.html', 'name': 'Lenovo ThinkManagement Console 9.0.3 File Upload', 'id': 'CVE-2012-1195'}
{'url': 'http://www.d2sec.com/exploits/sophos_web_protection_appliance_3.7.8.1_rce.html', 'name': 'Sophos Web Protection Appliance 3.7.8.1 RCE', 'id': 'CVE-2013-2641'}
{'url': 'http://www.d2sec.com/exploits/sophos_web_protection_appliance_3.7.8.1_rce.html', 'name': 'Sophos Web Protection Appliance 3.7.8.1 RCE', 'id': 'CVE-2013-2642'}
{'url': 'http://www.d2sec.com/exploits/manageengine_opmanager_migratecentraldata_servlet_file_upload.html', 'name': 'ManageEngine OpManager MigrateCentralData Servlet File Upload', 'id': 'CVE-2014-7866'}
{'url': 'http://www.d2sec.com/exploits/vivvo_cms_4.1.5.1_file_disclosure.html', 'name': 'Vivvo CMS 4.1.5.1 File Disclosure', 'id': 'CVE-2009-3787'}
{'url': 'http://www.d2sec.com/exploits/achievo_1.4.5_lfi.html', 'name': 'Achievo 1.4.5 LFI', 'id': 'CVE-2012-5865'}
{'url': 'http://www.d2sec.com/exploits/cart_engine_3.0_sql_injection.html', 'name': 'Cart Engine 3.0 SQL Injection', 'id': 'CVE-2014-8305'}
{'url': 'http://www.d2sec.com/exploits/manageengine_opmanager_migrateleedata_servlet_file_upload.html', 'name': 'ManageEngine OpManager MigrateLEEData Servlet File Upload', 'id': 'CVE-2014-7866'}
{'url': 'http://www.d2sec.com/exploits/tiki_wiki_cms_groupware_8.2_rce.html', 'name': 'Tiki Wiki CMS Groupware 8.2 RCE', 'id': 'CVE-2011-4558'}
{'url': 'http://www.d2sec.com/exploits/tiki_wiki_cms_groupware_8.3_rce.html', 'name': 'Tiki Wiki CMS Groupware 8.3 RCE', 'id': 'CVE-2012-0911'}
{'url': 'http://www.d2sec.com/exploits/adobe_coldfusion_solr_service_information_disclosure.html', 'name': 'Adobe Coldfusion Solr Service Information Disclosure', 'id': 'CVE-2010-0185'}
{'url': 'http://www.d2sec.com/exploits/cms_made_simple_1.8_lfi.html', 'name': 'CMS Made Simple 1.8 LFI', 'id': 'CVE-2010-2797'}
{'url': 'http://www.d2sec.com/exploits/manageengine_opmanager_filecollector_servlet_file_upload.html', 'name': 'ManageEngine OpManager FileCollector Servlet File Upload', 'id': 'CVE-2014-6035'}
{'url': 'http://www.d2sec.com/exploits/wordpress_2.8.3_rce.html', 'name': 'WordPress 2.8.3 RCE', 'id': 'CVE-2009-2853'}
{'url': 'http://www.d2sec.com/exploits/whmcs_4.x_lfi.html', 'name': 'WHMCS 4.x LFI', 'id': 'CVE-2011-4810'}
{'url': 'http://www.d2sec.com/exploits/vmware_server_file_disclosure.html', 'name': 'Vmware Server File Disclosure', 'id': 'CVE-2009-3733'}
{'url': 'http://www.d2sec.com/exploits/adobe_xml_external_entity_file_disclosure.html', 'name': 'Adobe XML External Entity File Disclosure', 'id': 'CVE-2009-3960'}
{'url': 'http://www.d2sec.com/exploits/cms_made_simple_1.4.1_lfi.html', 'name': 'CMS Made Simple 1.4.1 LFI', 'id': 'CVE-2008-5642'}
{'url': 'http://www.d2sec.com/exploits/manageengine_opmanager_filecollector_servlet_file_upload.html', 'name': 'ManageEngine OpManager FileCollector Servlet File Upload', 'id': 'CVE-2014-6034'}
{'url': 'http://www.d2sec.com/exploits/tiki_wiki_cms_groupware_sql_injection.html', 'name': 'Tiki Wiki CMS Groupware SQL Injection', 'id': 'CVE-2013-4715'}
{'url': 'http://www.d2sec.com/exploits/oracle_secure_backup_10.2.0.2_rce_linux.html', 'name': 'Oracle Secure Backup 10.2.0.2 RCE (Linux)', 'id': 'CVE-2008-5448'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.2.0_lfi.html', 'name': 'vtiger CRM 5.2.0 LFI', 'id': 'CVE-2010-3910'}
{'url': 'http://www.d2sec.com/exploits/wordpress_relocate_upload_0.14_rfi.html', 'name': 'WordPress Relocate Upload 0.14 RFI', 'id': 'CVE-2012-1205'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.0.4_lfi.html', 'name': 'vtiger CRM 5.0.4 LFI', 'id': 'CVE-2009-3249'}
{'url': 'http://www.d2sec.com/exploits/timthumb_1.32_file_upload.html', 'name': 'Timthumb 1.32 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/wikkawiki_1.3.1_sql_injection.html', 'name': 'WikkaWiki 1.3.1 SQL Injection', 'id': 'CVE-2011-4451'}
{'url': 'http://www.d2sec.com/exploits/oracle_secure_backup_10.2.0.2_rce_windows.html', 'name': 'Oracle Secure Backup 10.2.0.2 RCE (Windows)', 'id': 'CVE-2008-5448'}
{'url': 'http://www.d2sec.com/exploits/wordpress_slider_revolution_responsive_file_disclosure.html', 'name': 'WordPress Slider Revolution Responsive File Disclosure', 'id': 'CVE-2015-1579'}
{'url': 'http://www.d2sec.com/exploits/adrotate_library_clicktracker.php_track_parameter_sql_injection.html', 'name': 'AdRotate library/clicktracker.php track Parameter SQL Injection', 'id': 'CVE-2014-1854'}
{'url': 'http://www.d2sec.com/exploits/posh__portal_addtoapplication.php_rssurl_parameter_sql_injection.html', 'name': 'POSH /portal/addtoapplication.php rssurl Parameter SQL Injection', 'id': 'CVE-2014-2211'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jukebox_1.7_lfi.html', 'name': 'Joomla Component com_jukebox 1.7 LFI', 'id': 'CVE-2010-1352'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_webtv_lfi.html', 'name': 'Joomla Component com_webtv LFI', 'id': 'CVE-2010-1470'}
{'url': 'http://www.d2sec.com/exploits/wordpress_wpstorecart_2.5.29_file_upload.html', 'name': 'WordPress wpStoreCart 2.5.29 File Upload', 'id': 'CVE-2012-3576'}
{'url': 'http://www.d2sec.com/exploits/manageengine_eventlog_analyzer_9.9_file_upload.html', 'name': 'ManageEngine EventLog Analyzer 9.9 File Upload', 'id': 'CVE-2014-6037'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jwhmcs_1.5.0_lfi.html', 'name': 'Joomla Component com_jwhmcs 1.5.0 LFI', 'id': 'CVE-2010-1977'}
{'url': 'http://www.d2sec.com/exploits/picopublisher_2.0_sql_injection.html', 'name': 'PicoPublisher 2.0 SQL Injection', 'id': 'CVE-2012-5912'}
{'url': 'http://www.d2sec.com/exploits/pragyan_cms_file_disclosure.html', 'name': 'Pragyan CMS File Disclosure', 'id': 'CVE-2012-6500'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_market_2.x_lfi.html', 'name': 'Joomla Component com_market 2.x LFI', 'id': 'CVE-2010-1722'}
{'url': 'http://www.d2sec.com/exploits/piwigo_rate_parameter_sql_injection.html', 'name': 'Piwigo rate parameter SQL Injection', 'id': 'CVE-2014-9115'}
{'url': 'http://www.d2sec.com/exploits/piwik_0.6.3_lfi.html', 'name': 'Piwik 0.6.3 LFI', 'id': 'CVE-2010-2786'}
{'url': 'http://www.d2sec.com/exploits/joomla_core_sqli_list[select].html', 'name': 'Joomla Core SQLi list[select]', 'id': 'CVE-2015-7297'}
{'url': 'http://www.d2sec.com/exploits/joomla_core_sqli_list[select].html', 'name': 'Joomla Core SQLi list[select]', 'id': 'CVE-2015-7857'}
{'url': 'http://www.d2sec.com/exploits/joomla_core_sqli_list[select].html', 'name': 'Joomla Core SQLi list[select]', 'id': 'CVE-2015-7858'}
{'url': 'http://www.d2sec.com/exploits/pydio_file_upload.html', 'name': 'Pydio File Upload', 'id': 'CVE-2013-6226'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_mtfireeagle_1.2_lfi.html', 'name': 'Joomla Component com_mtfireeagle 1.2 LFI', 'id': 'CVE-2010-1719'}
{'url': 'http://www.d2sec.com/exploits/joomla_2.5.13__3.1.4_file_upload.html', 'name': 'Joomla 2.5.13 & 3.1.4 File Upload', 'id': 'CVE-2013-5576'}
{'url': 'http://www.d2sec.com/exploits/plone_rce.html', 'name': 'Plone RCE', 'id': 'CVE-2011-3587'}
{'url': 'http://www.d2sec.com/exploits/joomla_1.5.26_file_upload.html', 'name': 'Joomla 1.5.26 File Upload', 'id': 'CVE-2013-5576'}
{'url': 'http://www.d2sec.com/exploits/wordpress_rbx_gallery_2.1_file_upload.html', 'name': 'WordPress RBX Gallery 2.1 File Upload', 'id': 'CVE-2012-3575'}
{'url': 'http://www.d2sec.com/exploits/exponent_2.3.7_rce.html', 'name': 'Exponent 2.3.7 RCE', 'id': 'CVE-2016-2242'}
{'url': 'http://www.d2sec.com/exploits/pluxml_5.1.5_lfi.html', 'name': 'PluXml 5.1.5 LFI', 'id': 'CVE-2012-2227'}
{'url': 'http://www.d2sec.com/exploits/iscripts_reservelogic_1.1_sql_injection.html', 'name': 'iScripts ReserveLogic 1.1 SQL Injection', 'id': 'CVE-2010-4980'}
{'url': 'http://www.d2sec.com/exploits/adobe_robohelp_server_8_upload.html', 'name': 'Adobe Robohelp Server 8 Upload', 'id': 'CVE-2009-3068'}
{'url': 'http://www.d2sec.com/exploits/pmwiki_2.2.34_rce.html', 'name': 'PmWiki 2.2.34 RCE', 'id': 'CVE-2011-4453'}
{'url': 'http://www.d2sec.com/exploits/webcalendar_1.2.4_rce.html', 'name': 'WebCalendar 1.2.4 RCE', 'id': 'CVE-2012-1495'}
{'url': 'http://www.d2sec.com/exploits/drupal_aes_encryption_file_disclosure.html', 'name': 'Drupal AES encryption File Disclosure', 'id': 'CVE-2011-0899'}
{'url': 'http://www.d2sec.com/exploits/joomla_1.5.12_upload.html', 'name': 'Joomla 1.5.12 Upload', 'id': 'CVE-2011-4908'}
{'url': 'http://www.d2sec.com/exploits/drupal_core_7.x_sql_injection.html', 'name': 'Drupal core 7.x SQL Injection', 'id': 'CVE-2014-3704'}
{'url': 'http://www.d2sec.com/exploits/wordpress_search_everything_sql_injection.html', 'name': 'Wordpress Search Everything SQL Injection', 'id': 'CVE-2014-2316'}
{'url': 'http://www.d2sec.com/exploits/e107_0.7.20_rce.html', 'name': 'e107 0.7.20 RCE', 'id': 'CVE-2010-2099'}
{'url': 'http://www.d2sec.com/exploits/wordpress_simple_ads_manager_sql_injection.html', 'name': 'WordPress Simple Ads Manager SQL Injection', 'id': 'CVE-2015-2824'}
{'url': 'http://www.d2sec.com/exploits/webglimpse_2.18.8_rce.html', 'name': 'WebGlimpse 2.18.8 RCE', 'id': 'CVE-2012-1795'}
{'url': 'http://www.d2sec.com/exploits/lionwiki_3.0.3_lfi.html', 'name': 'LionWiki 3.0.3 LFI', 'id': 'CVE-2009-3534'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_addressbook_1.5.0_lfi.html', 'name': 'Joomla Component com_addressbook 1.5.0 LFI', 'id': 'CVE-2010-1471'}
{'url': 'http://www.d2sec.com/exploits/wordpress_simple_ads_manager_file_upload.html', 'name': 'WordPress Simple Ads Manager File Upload', 'id': 'CVE-2015-2825'}
{'url': 'http://www.d2sec.com/exploits/efront_3.5.5_lfi.html', 'name': 'eFront 3.5.5 LFI', 'id': 'CVE-2010-1003'}
{'url': 'http://www.d2sec.com/exploits/log1_cms_2.0_rce.html', 'name': 'Log1 CMS 2.0 RCE', 'id': 'CVE-2011-4825'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_advertising_0.25_lfi.html', 'name': 'Joomla Component com_advertising 0.25 LFI', 'id': 'CVE-2010-1473'}
{'url': 'http://www.d2sec.com/exploits/lotuscms_3.0_lfi.html', 'name': 'LotusCMS 3.0 LFI', 'id': 'CVE-2011-0518'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_arcadegames_1.0_lfi.html', 'name': 'Joomla Component com_arcadegames 1.0 LFI', 'id': 'CVE-2010-1714'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_awdwall_1.5.4_lfi.html', 'name': 'Joomla Component com_awdwall 1.5.4 LFI', 'id': 'CVE-2010-1493'}
{'url': 'http://www.d2sec.com/exploits/spip_ecran_securite_connect_parameter_rce.html', 'name': 'SPIP ecran_securite connect Parameter RCE', 'id': 'CVE-2013-4557'}
{'url': 'http://www.d2sec.com/exploits/wordpress_category_grid_view_gallery_0.1.1_file_upload.html', 'name': 'Wordpress Category Grid View Gallery 0.1.1 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_blogfactory_1.1.2_lfi.html', 'name': 'Joomla Component com_blogfactory 1.1.2 LFI', 'id': 'CVE-2010-1955'}
{'url': 'http://www.d2sec.com/exploits/mozilocms_1.11_lfi.html', 'name': 'moziloCMS 1.11 LFI', 'id': 'CVE-2009-1368'}
{'url': 'http://www.d2sec.com/exploits/simple_cms_sql_injection.html', 'name': 'Simple CMS SQL Injection', 'id': 'CVE-2012-3791'}
{'url': 'http://www.d2sec.com/exploits/sqlitemanager_1.2.0_lfi.html', 'name': 'SQLiteManager 1.2.0 LFI', 'id': 'CVE-2007-1232'}
{'url': 'http://www.d2sec.com/exploits/wordpress_auto_attachments_0.2.9_file_upload.html', 'name': 'Wordpress Auto Attachments 0.2.9 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/wordpress_wp_marketplace_1.1.0_file_upload.html', 'name': 'Wordpress WP Marketplace 1.1.0 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/hp_sitescope_runomagentcommand_11.20_rce.html', 'name': 'HP SiteScope runOMAgentCommand 11.20 RCE', 'id': 'CVE-2013-2367'}
{'url': 'http://www.d2sec.com/exploits/sqlitemanager_1.2.0_rfi.html', 'name': 'SQLiteManager 1.2.0 RFI', 'id': 'CVE-2008-0516'}
{'url': 'http://www.d2sec.com/exploits/wordpress_dp_thumbnail_1.0_file_upload.html', 'name': 'Wordpress DP Thumbnail 1.0 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/hp_sitescope_issuesiebelcmd_11.20_rce.html', 'name': 'HP SiteScope issueSiebelCmd 11.20 RCE', 'id': 'CVE-2013-4835'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_datafeeds_880_lfi.html', 'name': 'Joomla Component com_datafeeds 880 LFI', 'id': 'CVE-2010-1980'}
{'url': 'http://www.d2sec.com/exploits/wordpress_google_document_embedder_2.5.14_sql_injection.html', 'name': 'WordPress Google Document Embedder 2.5.14 SQL Injection', 'id': 'CVE-2014-9173'}
{'url': 'http://www.d2sec.com/exploits/hp_sitescope_11.20_file_upload.html', 'name': 'HP SiteScope 11.20 File Upload', 'id': 'CVE-2012-3259'}
{'url': 'http://www.d2sec.com/exploits/solarwinds_storage_manager_processfileupload.jsp_file_upload.html', 'name': 'Solarwinds Storage Manager ProcessFileUpload.jsp File Upload', 'id': 'CVE-2015-7838'}
{'url': 'http://www.d2sec.com/exploits/nagios_3.1.0_rce.html', 'name': 'Nagios 3.1.0 RCE', 'id': 'CVE-2009-2288'}
{'url': 'http://www.d2sec.com/exploits/wordpress_vk_gallery_1.1.0_file_upload.html', 'name': 'Wordpress Vk Gallery 1.1.0 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/wordpress_holding_pattern_theme_0.6_file_upload.html', 'name': 'WordPress Holding Pattern Theme 0.6 File Upload', 'id': 'CVE-2015-1172'}
{'url': 'http://www.d2sec.com/exploits/skybluecanvas_1.1_rce.html', 'name': 'Skybluecanvas 1.1 RCE', 'id': 'CVE-2014-1683'}
{'url': 'http://www.d2sec.com/exploits/wordpress_rekt_slideshow_1.0.5_file_upload.html', 'name': 'Wordpress Rekt Slideshow 1.0.5 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_dioneformwizard_1.0.2_lfi.html', 'name': 'Joomla Component com_dioneformwizard 1.0.2 LFI', 'id': 'CVE-2010-2045'}
{'url': 'http://www.d2sec.com/exploits/wordpress_cac_featured_content_0.8_file_upload.html', 'name': 'Wordpress CAC Featured Content 0.8 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/visual_mining_netcharts_server_7.0_file_upload.html', 'name': 'Visual Mining NetCharts Server 7.0 File Upload', 'id': 'CVE-2014-8516'}
{'url': 'http://www.d2sec.com/exploits/apache-struts__2.2.0_rce_windows.html', 'name': 'Apache-Struts < 2.2.0 RCE Windows', 'id': 'CVE-2010-1870'}
{'url': 'http://www.d2sec.com/exploits/apache-struts__2.2.0_rce_linux.html', 'name': 'Apache-Struts < 2.2.0 RCE Linux', 'id': 'CVE-2010-1870'}
{'url': 'http://www.d2sec.com/exploits/visual_mining_netcharts_server_savefile.jsp_file_upload.html', 'name': 'Visual Mining NetCharts Server saveFile.jsp File Upload', 'id': 'CVE-2015-4031'}
{'url': 'http://www.d2sec.com/exploits/wordpress_rent_a_car_1.0_file_upload.html', 'name': 'Wordpress Rent A Car 1.0 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/spip_2.0.8_information_disclosure.html', 'name': 'SPIP 2.0.8 Information Disclosure', 'id': 'CVE-2009-3041'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_foobla_suggestions_1.5.1.2_lfi.html', 'name': 'Joomla Component com_foobla_suggestions 1.5.1.2 LFI', 'id': 'CVE-2010-2920'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_exceptiondelegator__2.3.1.1_rce_linux.html', 'name': 'Apache-Struts ExceptionDelegator < 2.3.1.1 RCE Linux', 'id': 'CVE-2012-0394'}
{'url': 'http://www.d2sec.com/exploits/novell_netiq_2.3.1_rce.html', 'name': 'Novell NetIQ 2.3.1 RCE', 'id': 'CVE-2012-5932'}
{'url': 'http://www.d2sec.com/exploits/wordpress_lisl_last_image_slider_1.0_file_upload.html', 'name': 'Wordpress LISL Last Image Slider 1.0 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/phpmyadmin_3.x_rce.html', 'name': 'Phpmyadmin 3.x RCE', 'id': 'CVE-2011-2505'}
{'url': 'http://www.d2sec.com/exploits/phpmyadmin_3.x_rce.html', 'name': 'Phpmyadmin 3.x RCE', 'id': 'CVE-2011-2506'}
{'url': 'http://www.d2sec.com/exploits/phpmyadmin_3.x_rce.html', 'name': 'Phpmyadmin 3.x RCE', 'id': 'CVE-2011-2507'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.1.0_lfi.html', 'name': 'vtiger CRM 5.1.0 LFI', 'id': 'CVE-2012-4867'}
{'url': 'http://www.d2sec.com/exploits/webmatic_sql_injection.html', 'name': 'Webmatic SQL Injection', 'id': 'CVE-2012-3350'}
{'url': 'http://www.d2sec.com/exploits/novell_imanager_file_upload.html', 'name': 'Novell iManager File Upload', 'id': 'CVE-2010-0284'}
{'url': 'http://www.d2sec.com/exploits/mantis_=_1.1.1_lfi.html', 'name': 'Mantis <= 1.1.1 LFI', 'id': 'CVE-2008-3333'}
{'url': 'http://www.d2sec.com/exploits/oracle_secure_backup_10.3.0.1_rce.html', 'name': 'Oracle Secure Backup 10.3.0.1 RCE', 'id': 'CVE-2009-1977'}
{'url': 'http://www.d2sec.com/exploits/oracle_secure_backup_10.3.0.1_rce.html', 'name': 'Oracle Secure Backup 10.3.0.1 RCE', 'id': 'CVE-2009-1978'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_debugginginterceptor__2.3.1.1_rce_windows.html', 'name': 'Apache-Struts DebuggingInterceptor < 2.3.1.1 RCE Windows', 'id': 'CVE-2012-0394'}
{'url': 'http://www.d2sec.com/exploits/asus_wireless-n_gigabit_router_information_disclosure.html', 'name': 'Asus Wireless-N Gigabit Router Information Disclosure', 'id': 'CVE-2011-4497'}
{'url': 'http://www.d2sec.com/exploits/phpmyadmin_file_upload.html', 'name': 'Phpmyadmin File Upload', 'id': 'CVE-2009-1151'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_debugginginterceptor__2.3.1.1_rce_linux.html', 'name': 'Apache-Struts DebuggingInterceptor < 2.3.1.1 RCE Linux', 'id': 'CVE-2012-0394'}
{'url': 'http://www.d2sec.com/exploits/ginkgo_cms_5.0_sql_injection.html', 'name': 'Ginkgo CMS 5.0 SQL Injection', 'id': 'CVE-2013-5318'}
{'url': 'http://www.d2sec.com/exploits/hp_intelligent_management_center_bims_uploadservlet_file_upload.html', 'name': 'HP Intelligent Management Center BIMS UploadServlet File Upload', 'id': 'CVE-2013-4822'}
{'url': 'http://www.d2sec.com/exploits/lexmark_markvision_enterprise_2.0_file_upload.html', 'name': 'Lexmark MarkVision Enterprise 2.0 File Upload', 'id': 'CVE-2014-8741'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.4.0_kcfinder_lfi.html', 'name': 'vTiger CRM 5.4.0 kcfinder LFI', 'id': 'CVE-2014-1222'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_6.0.0_rce.html', 'name': 'vtiger CRM 6.0.0 RCE', 'id': 'CVE-2014-2268'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_parameterinterceptor__2.3.1.2_rce_windows.html', 'name': 'Apache-Struts ParameterInterceptor < 2.3.1.2 RCE Windows', 'id': 'CVE-2011-3923'}
{'url': 'http://www.d2sec.com/exploits/impresscms_lfi.html', 'name': 'Impresscms LFI', 'id': 'CVE-2012-0987'}
{'url': 'http://www.d2sec.com/exploits/mediawiki_thumb.php_page_parameter_remote_shell_command_injection.html', 'name': 'MediaWiki thumb.php page Parameter Remote Shell Command Injection', 'id': 'CVE-2014-1610'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_6.0_rc_rce.html', 'name': 'vtiger CRM 6.0 RC RCE', 'id': 'CVE-2014-2268'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_parameterinterceptor__2.3.1.2_rce_linux.html', 'name': 'Apache-Struts ParameterInterceptor < 2.3.1.2 RCE Linux', 'id': 'CVE-2011-3923'}
{'url': 'http://www.d2sec.com/exploits/open_web_analytics_password_reset_page_owa_email_address_parameter_sql_injection.html', 'name': 'Open Web Analytics Password Reset Page owa_email_address Parameter SQL Injection', 'id': 'CVE-2014-1206'}
{'url': 'http://www.d2sec.com/exploits/phpmyfaq_2.7.0_rce.html', 'name': 'phpMyFAQ 2.7.0 RCE', 'id': 'CVE-2011-4825'}
{'url': 'http://www.d2sec.com/exploits/wordpress_wp_easycart_privilege_escalation.html', 'name': 'WordPress WP EasyCart Privilege Escalation', 'id': 'CVE-2015-2673'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.4.0_get_tickets_list_sqli.html', 'name': 'vtiger CRM 5.4.0 get_tickets_list SQLi', 'id': 'CVE-2013-3213'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.2_lfi.html', 'name': 'Symantec Web Gateway 5.0.2 LFI', 'id': 'CVE-2012-0297'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_showcase__2.3.14.1_rce_linux.html', 'name': 'Apache-Struts Showcase < 2.3.14.1 RCE Linux', 'id': 'CVE-2013-1965'}
{'url': 'http://www.d2sec.com/exploits/invision_power_board_3.3.4_rce.html', 'name': 'Invision Power Board 3.3.4 RCE', 'id': 'CVE-2012-5692'}
{'url': 'http://www.d2sec.com/exploits/symantec_messaging_gateway_9.5.3_file_disclosure.html', 'name': 'Symantec Messaging Gateway 9.5.3 File Disclosure', 'id': 'CVE-2012-4347'}
{'url': 'http://www.d2sec.com/exploits/wordpress_cart66_lite_sql_injection.html', 'name': 'WordPress Cart66 Lite SQL Injection', 'id': 'CVE-2014-9305'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.2_rce.html', 'name': 'Symantec Web Gateway 5.0.2 RCE', 'id': 'CVE-2012-0297'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_includeparams__2.3.14.1_rce_linux.html', 'name': 'Apache-Struts IncludeParams < 2.3.14.1 RCE Linux', 'id': 'CVE-2013-1966'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.4.0_get_picklists_sqli.html', 'name': 'vtiger CRM 5.4.0 get_picklists SQLi', 'id': 'CVE-2013-3213'}
{'url': 'http://www.d2sec.com/exploits/jaow_sqli.html', 'name': 'Jaow SQLi', 'id': 'CVE-2012-2952'}
{'url': 'http://www.d2sec.com/exploits/wordpress_wp_symposium_15.1_sql_injection.html', 'name': 'Wordpress WP Symposium 15.1 SQL Injection', 'id': 'CVE-2015-3325'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_includeparams__2.3.14.2_rce_linux.html', 'name': 'Apache-Struts IncludeParams < 2.3.14.2 RCE Linux', 'id': 'CVE-2013-2115'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.3.18_rce.html', 'name': 'Symantec Web Gateway 5.0.3.18 RCE', 'id': 'CVE-2012-2953'}
{'url': 'http://www.d2sec.com/exploits/redhat_jboss_file_disclosure.html', 'name': 'RedHat JBoss File Disclosure', 'id': 'CVE-2005-2006'}
{'url': 'http://www.d2sec.com/exploits/modx_revolution_2.0.2-pl_lfi.html', 'name': 'MODx Revolution 2.0.2-pl LFI', 'id': 'CVE-2010-5278'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.4.0_file_upload.html', 'name': 'vtiger CRM 5.4.0 File Upload', 'id': 'CVE-2013-3214'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.4.0_file_upload.html', 'name': 'vtiger CRM 5.4.0 File Upload', 'id': 'CVE-2013-3215'}
{'url': 'http://www.d2sec.com/exploits/phppaleo_lfi.html', 'name': 'phppaleo LFI', 'id': 'CVE-2012-1671'}
{'url': 'http://www.d2sec.com/exploits/vtiger_crm_5.4.0_kcfinder_file_upload.html', 'name': 'vTiger CRM 5.4.0 kcfinder File Upload', 'id': 'CVE-2013-3591'}
{'url': 'http://www.d2sec.com/exploits/apache-struts_defaultactionmapper__2.3.15.1_rce_linux.html', 'name': 'Apache-Struts DefaultActionMapper < 2.3.15.1 RCE Linux', 'id': 'CVE-2013-2251'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.3_rce.html', 'name': 'Symantec Web Gateway 5.0.3 RCE', 'id': 'CVE-2012-2957'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.3_rce.html', 'name': 'Symantec Web Gateway 5.0.3 RCE', 'id': 'CVE-2012-2976'}
{'url': 'http://www.d2sec.com/exploits/moinmoin_1.9.5_rce.html', 'name': 'MoinMoin 1.9.5 RCE', 'id': 'CVE-2012-6081'}
{'url': 'http://www.d2sec.com/exploits/pbboard_2.1.4_username_sql_injection.html', 'name': 'PBBoard 2.1.4 username SQL Injection', 'id': 'CVE-2012-4034'}
{'url': 'http://www.d2sec.com/exploits/d-link_authentication_bypass.html', 'name': 'D-LINK Authentication Bypass', 'id': 'CVE-2013-7051'}
{'url': 'http://www.d2sec.com/exploits/wordpress_mailpoet_newsletters_file_upload.html', 'name': 'WordPress MailPoet Newsletters File Upload', 'id': 'CVE-2014-4725'}
{'url': 'http://www.d2sec.com/exploits/symantec_web_gateway_5.0.3_sqli.html', 'name': 'Symantec Web Gateway 5.0.3 SQLi', 'id': 'CVE-2012-2961'}
{'url': 'http://www.d2sec.com/exploits/phpsane_0.5.0_rfi.html', 'name': 'phpSANE 0.5.0 RFI', 'id': 'CVE-2009-3188'}
{'url': 'http://www.d2sec.com/exploits/sugarcrm_6.3.1_rce.html', 'name': 'SugarCRM 6.3.1 RCE', 'id': 'CVE-2012-0694'}
{'url': 'http://www.d2sec.com/exploits/moodle_=_1.8.4_rce.html', 'name': 'Moodle <= 1.8.4 RCE', 'id': 'CVE-2008-1502'}
{'url': 'http://www.d2sec.com/exploits/pbboard_2.1.4_email_sql_injection.html', 'name': 'PBBoard 2.1.4 email SQL Injection', 'id': 'CVE-2012-4034'}
{'url': 'http://www.d2sec.com/exploits/wordpress_creative_contact_form_0.9.7_file_upload.html', 'name': 'WordPress Creative Contact Form 0.9.7 File Upload', 'id': 'CVE-2014-8739'}
{'url': 'http://www.d2sec.com/exploits/wordpress_yoast_seo_1.7.3.3_sql_injection.html', 'name': 'WordPress Yoast SEO 1.7.3.3 SQL Injection', 'id': 'CVE-2015-2292'}
{'url': 'http://www.d2sec.com/exploits/alienvault_ossim_av-centerd_util.pm_rce.html', 'name': 'AlienVault OSSIM av-centerd Util.pm RCE', 'id': 'CVE-2014-3804'}
{'url': 'http://www.d2sec.com/exploits/apache_tomcat_file_disclosure.html', 'name': 'Apache Tomcat File Disclosure', 'id': 'CVE-2008-2938'}
{'url': 'http://www.d2sec.com/exploits/pbboard_3.0.1_email_sql_injection.html', 'name': 'PBBoard 3.0.1 email SQL Injection', 'id': 'CVE-2014-9215'}
{'url': 'http://www.d2sec.com/exploits/wordpress_islidex_2.7_file_upload.html', 'name': 'Wordpress Islidex 2.7 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/novell_zenworks_asset_management_7.5_file_upload.html', 'name': 'Novell ZENWorks Asset Management 7.5 File Upload', 'id': 'CVE-2011-2653'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_realtyna_1.0.15_lfi.html', 'name': 'Joomla Component com_realtyna 1.0.15 LFI', 'id': 'CVE-2010-2682'}
{'url': 'http://www.d2sec.com/exploits/apprain_3.0.2_sql_injection.html', 'name': 'appRain 3.0.2 SQL Injection', 'id': 'CVE-2013-6058'}
{'url': 'http://www.d2sec.com/exploits/hp_pcm+_snac_registration_server_updatedomaincontrollerservlet_file_upload.html', 'name': 'HP PCM+ SNAC Registration Server UpdateDomainControllerServlet File Upload', 'id': 'CVE-2013-4811'}
{'url': 'http://www.d2sec.com/exploits/wordpress_kino_gallery_1.0_file_upload.html', 'name': 'Wordpress Kino Gallery 1.0 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_joomlaflickr_1.0.x_lfi.html', 'name': 'Joomla Component com_joomlaflickr 1.0.x LFI', 'id': 'CVE-2010-1980'}
{'url': 'http://www.d2sec.com/exploits/wordpress_cms_pack_1.3_file_upload.html', 'name': 'Wordpress Cms Pack 1.3 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/apprain_0.1.5_file_upload.html', 'name': 'appRain 0.1.5 File Upload', 'id': 'CVE-2012-1153'}
{'url': 'http://www.d2sec.com/exploits/hp_pcm+_snac_registration_server_updatecertificatesservlet_file_upload.html', 'name': 'HP PCM+ SNAC Registration Server UpdateCertificatesServlet File Upload', 'id': 'CVE-2013-4812'}
{'url': 'http://www.d2sec.com/exploits/novell_zenworks_configuration_management_11_sp2_file_upload.html', 'name': 'Novell ZENworks Configuration Management 11 SP2 File Upload', 'id': 'CVE-2013-1080'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_joomlaupdater_lfi.html', 'name': 'Joomla Component com_joomlaupdater LFI', 'id': 'CVE-2010-1307'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_sef_lfi.html', 'name': 'Joomla Component com_sef LFI', 'id': 'CVE-2010-2681'}
{'url': 'http://www.d2sec.com/exploits/ca_arcserve_d2d_r15_credentials_disclosure.html', 'name': 'CA ARCserve D2D r15 Credentials Disclosure', 'id': 'CVE-2011-3011'}
{'url': 'http://www.d2sec.com/exploits/elite_bulletin_board_2.1.21_sql_injection.html', 'name': 'Elite Bulletin Board 2.1.21 SQL Injection', 'id': 'CVE-2012-5874'}
{'url': 'http://www.d2sec.com/exploits/hp_openview_performance_manager_9.0_file_upload.html', 'name': 'HP OpenView Performance Manager 9.0 File Upload', 'id': 'CVE-2012-0127'}
{'url': 'http://www.d2sec.com/exploits/novell_zenworks_configuration_management_uploadservlet_file_upload.html', 'name': 'Novell ZENworks Configuration Management UploadServlet File Upload', 'id': 'CVE-2015-0779'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_shoutbox_lfi.html', 'name': 'Joomla Component com_shoutbox LFI', 'id': 'CVE-2010-1534'}
{'url': 'http://www.d2sec.com/exploits/apache_activemq_source_code_disclosure.html', 'name': 'Apache ActiveMQ Source Code Disclosure', 'id': 'CVE-2010-1587'}
{'url': 'http://www.d2sec.com/exploits/awcm_2.2_lfi.html', 'name': 'AWCM 2.2 LFI', 'id': 'CVE-2011-0903'}
{'url': 'http://www.d2sec.com/exploits/mcafee_email_gateway_7.0_file_disclosure.html', 'name': 'McAfee Email Gateway 7.0 File Disclosure', 'id': 'CVE-2012-4596'}
{'url': 'http://www.d2sec.com/exploits/wordpress_category_list_portfolio_page_1.3_file_upload.html', 'name': 'Wordpress Category List Portfolio Page 1.3 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jotloader_2.2.1_lfi.html', 'name': 'Joomla Component com_jotloader 2.2.1 LFI', 'id': 'CVE-2010-4617'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_sweetykeeper_1.5.x_lfi.html', 'name': 'Joomla Component com_sweetykeeper 1.5.x LFI', 'id': 'CVE-2010-1474'}
{'url': 'http://www.d2sec.com/exploits/apache_axis2_file_disclosure.html', 'name': 'Apache Axis2 File Disclosure', 'id': 'CVE-2010-1632'}
{'url': 'http://www.d2sec.com/exploits/awstats_totals_=_1.14_rce.html', 'name': 'Awstats Totals <= 1.14 RCE', 'id': 'CVE-2008-3922'}
{'url': 'http://www.d2sec.com/exploits/wordpress_really_easy_slider_0.1_file_upload.html', 'name': 'Wordpress Really Easy Slider 0.1 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/zen_cart_1.3.8a_file_upload.html', 'name': 'Zen Cart 1.3.8a File Upload', 'id': 'CVE-2009-2255'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jphone_1.0_alpha_3_lfi.html', 'name': 'Joomla Component com_jphone 1.0 alpha 3 LFI', 'id': 'CVE-2010-3426'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_travelbook_1.0.1_lfi.html', 'name': 'Joomla Component com_travelbook 1.0.1 LFI', 'id': 'CVE-2010-1535'}
{'url': 'http://www.d2sec.com/exploits/wordpress_verve_meta_boxes_1.2.8_file_upload.html', 'name': 'Wordpress Verve Meta Boxes 1.2.8 File Upload', 'id': 'CVE-2011-4106'}
{'url': 'http://www.d2sec.com/exploits/basilic_1.5.14_rce.html', 'name': 'Basilic 1.5.14 RCE', 'id': 'CVE-2012-3399'}
{'url': 'http://www.d2sec.com/exploits/phpbb_rce.html', 'name': 'Phpbb RCE', 'id': 'CVE-2005-2086'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jprojectmanager_1.0_lfi.html', 'name': 'Joomla Component com_jprojectmanager 1.0 LFI', 'id': 'CVE-2010-1469'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_tweetla_1.0.1_lfi.html', 'name': 'Joomla Component com_tweetla 1.0.1 LFI', 'id': 'CVE-2010-1533'}
{'url': 'http://www.d2sec.com/exploits/apache_roller_ognl_injection.html', 'name': 'Apache Roller OGNL Injection', 'id': 'CVE-2013-4212'}
{'url': 'http://www.d2sec.com/exploits/bigtree_cms_4.0_rc2_sql_injection.html', 'name': 'BigTree CMS 4.0 RC2 SQL Injection', 'id': 'CVE-2013-4879'}
{'url': 'http://www.d2sec.com/exploits/phpbb_alltopics.php_sqli.html', 'name': 'phpBB alltopics.php SQLI', 'id': 'CVE-2006-4367'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_jradio__1.5.1_lfi.html', 'name': 'Joomla Component com_jradio < 1.5.1 LFI', 'id': 'CVE-2010-4719'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_vjvideo_1.0_lfi.html', 'name': 'Joomla Component com_vjvideo 1.0 LFI', 'id': 'CVE-2010-1354'}
{'url': 'http://www.d2sec.com/exploits/tomatocart_1.1.5_lfi.html', 'name': 'TomatoCart 1.1.5 LFI', 'id': 'CVE-2012-5907'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_weberpcustomer_1.2.1_lfi.html', 'name': 'Joomla Component com_weberpcustomer 1.2.1 LFI', 'id': 'CVE-2010-1315'}
{'url': 'http://www.d2sec.com/exploits/tomatocart_1.1.8_sql_injection.html', 'name': 'TomatoCart 1.1.8 SQL Injection', 'id': 'CVE-2014-3978'}
{'url': 'http://www.d2sec.com/exploits/roundcube_0.2beta_rce.html', 'name': 'Roundcube 0.2beta RCE', 'id': 'CVE-2008-5619'}
{'url': 'http://www.d2sec.com/exploits/extcalendar_rfi.html', 'name': 'Extcalendar RFI', 'id': 'CVE-2006-3556'}
{'url': 'http://www.d2sec.com/exploits/magento_file_disclosure.html', 'name': 'Magento File Disclosure', 'id': 'CVE-2012-6091'}
{'url': 'http://www.d2sec.com/exploits/newscoop_rfi.html', 'name': 'Newscoop RFI', 'id': 'CVE-2012-1933'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_news_portal_1.5.x_lfi.html', 'name': 'Joomla Component com_news_portal 1.5.x LFI', 'id': 'CVE-2010-1312'}
{'url': 'http://www.d2sec.com/exploits/wordpress_theme_tuner_0.7_rfi.html', 'name': 'WordPress Theme Tuner 0.7 RFI', 'id': 'CVE-2012-0934'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_obsuggest__1.8_lfi.html', 'name': 'Joomla Component com_obsuggest < 1.8 LFI', 'id': 'CVE-2011-4804'}
{'url': 'http://www.d2sec.com/exploits/twiki_5.1.2_rce.html', 'name': 'TWiki 5.1.2 RCE', 'id': 'CVE-2012-6329'}
{'url': 'http://www.d2sec.com/exploits/family_connections_cms_2.7.1_rce_linux.html', 'name': 'Family connections CMS 2.7.1 RCE (Linux)', 'id': 'CVE-2011-5130'}
{'url': 'http://www.d2sec.com/exploits/nuked-klan_1.7.7___sp4.4_sql_injection.html', 'name': 'Nuked-klaN 1.7.7 / SP4.4 SQL injection', 'id': 'CVE-2007-2556'}
{'url': 'http://www.d2sec.com/exploits/sonicwall_scrutinizer_9.0.1_sql_injection.html', 'name': 'SonicWALL Scrutinizer 9.0.1 SQL Injection', 'id': 'CVE-2012-2962'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_onlineexam_1.5.0_lfi.html', 'name': 'Joomla Component com_onlineexam 1.5.0 LFI', 'id': 'CVE-2010-1715'}
{'url': 'http://www.d2sec.com/exploits/sonicwall_scrutinizer_9.0.1_alarms.php_sql_injection.html', 'name': 'SonicWALL Scrutinizer 9.0.1 alarms.php SQL Injection', 'id': 'CVE-2012-1259'}
{'url': 'http://www.d2sec.com/exploits/family_connections_cms_2.7.1_rce_windows.html', 'name': 'Family connections CMS 2.7.1 RCE (Windows)', 'id': 'CVE-2011-5130'}
{'url': 'http://www.d2sec.com/exploits/apache_ofbiz_10.04.01_rce_windows.html', 'name': 'Apache OFBiz 10.04.01 RCE (Windows)', 'id': 'CVE-2012-1622'}
{'url': 'http://www.d2sec.com/exploits/twiki_debugenableplugins_rce.html', 'name': 'TWiki debugenableplugins RCE', 'id': 'CVE-2014-7236'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_picasa2gallery_1.2.8_lfi.html', 'name': 'Joomla Component com_picasa2gallery 1.2.8 LFI', 'id': 'CVE-2010-2507'}
{'url': 'http://www.d2sec.com/exploits/apache_ofbiz_10.04.01_rce_linux.html', 'name': 'Apache OFBiz 10.04.01 RCE (Linux)', 'id': 'CVE-2012-1622'}
{'url': 'http://www.d2sec.com/exploits/typo3_fd.html', 'name': 'Typo3 FD', 'id': 'CVE-2009-0815'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_picsell_1.0_lfi.html', 'name': 'Joomla Component com_picsell 1.0 LFI', 'id': 'CVE-2010-3203'}
{'url': 'http://www.d2sec.com/exploits/netgear_information_disclosure.html', 'name': 'Netgear Information Disclosure', 'id': 'CVE-2013-4775'}
{'url': 'http://www.d2sec.com/exploits/wordpress_video_embed__thumbnail_generator_1.1_rce_windows.html', 'name': 'Wordpress Video Embed & Thumbnail Generator 1.1 RCE (Windows)', 'id': 'CVE-2012-1785'}
{'url': 'http://www.d2sec.com/exploits/typo3_4.5.8_4.6.1_rfi.html', 'name': 'TYPO3 4.5.8/4.6.1 RFI', 'id': 'CVE-2011-4614'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_powermail_1.5.3_lfi.html', 'name': 'Joomla Component com_powermail 1.5.3 LFI', 'id': 'CVE-2010-1532'}
{'url': 'http://www.d2sec.com/exploits/nisuta_information_disclosure.html', 'name': 'Nisuta Information Disclosure', 'id': 'CVE-2013-7282'}
{'url': 'http://www.d2sec.com/exploits/wordpress_video_embed__thumbnail_generator_1.1_rce_linux.html', 'name': 'Wordpress Video Embed & Thumbnail Generator 1.1 RCE (Linux)', 'id': 'CVE-2012-1785'}
{'url': 'http://www.d2sec.com/exploits/foswiki_1.1.5_rce.html', 'name': 'Foswiki 1.1.5 RCE', 'id': 'CVE-2012-6330'}
{'url': 'http://www.d2sec.com/exploits/majordomo_2_file_disclosure.html', 'name': 'Majordomo 2 File Disclosure', 'id': 'CVE-2011-0049'}
{'url': 'http://www.d2sec.com/exploits/majordomo_2_file_disclosure.html', 'name': 'Majordomo 2 File Disclosure', 'id': 'CVE-2011-0063'}
{'url': 'http://www.d2sec.com/exploits/op5_monitor_5.5_license.php_rce.html', 'name': 'OP5 Monitor 5.5 license.php RCE', 'id': 'CVE-2012-0261'}
{'url': 'http://www.d2sec.com/exploits/joomla_component_com_preventive_1.0.5_lfi.html', 'name': 'Joomla Component com_preventive 1.0.5 LFI', 'id': 'CVE-2010-1475'}
{'url': 'http://www.d2sec.com/exploits/pirelli_router_information_disclosure.html', 'name': 'Pirelli Router Information Disclosure', 'id': 'CVE-2011-4497'}
{'url': 'http://www.d2sec.com/exploits/hinnendahl_gaestebuch_1.2_rfi.html', 'name': 'Hinnendahl Gaestebuch 1.2 RFI', 'id': 'CVE-2010-4884'}
{'url': 'http://www.d2sec.com/exploits/mantisbt__1.2.4_lfi.html', 'name': 'Mantisbt < 1.2.4 LFI', 'id': 'CVE-2010-4350'}
{'url': 'http://www.d2sec.com/exploits/op5_monitor_5.5_rce.html', 'name': 'OP5 Monitor 5.5 RCE', 'id': 'CVE-2012-0261'}
{'url': 'http://www.d2sec.com/exploits/vbseo_3.6.0_rce.html', 'name': 'vBSEO 3.6.0 RCE', 'id': 'CVE-2012-5223'}
{'url': 'http://www.d2sec.com/exploits/w3_total_cache_plugin_remote_code_execution.html', 'name': 'W3 Total Cache Plugin Remote Code Execution', 'id': 'CVE-2013-2010'}
{'url': 'http://www.d2sec.com/exploits/vbseo_3.6.0_functions_vbseo_hook.php_referer_rce.html', 'name': 'vBSEO 3.6.0 functions_vbseo_hook.php Referer RCE', 'id': 'CVE-2014-9463'}
{'url': 'http://www.d2sec.com/exploits/serendipity_1.6.1_sql_injection.html', 'name': 'Serendipity 1.6.1 SQL Injection', 'id': 'CVE-2012-2762'}
{'url': 'http://www.d2sec.com/exploits/mantisbt__1.2.8_lfi.html', 'name': 'Mantisbt < 1.2.8 LFI', 'id': 'CVE-2011-3357'}
{'url': 'http://www.d2sec.com/exploits/opencart_1.1.8_lfi.html', 'name': 'OpenCart 1.1.8 LFI', 'id': 'CVE-2009-1621'}
Preparing [##################################################] 300/300
INFO:root:d2sec has 261 elements (261 update)
INFO:root:Starting ms
INFO:root:ms has 1276 elements (1276 update)
INFO:root:Starting redis-nist-ref
INFO:root:redis-nist-ref has 0 elements (0 update)
INFO:root:Starting exploitdb
INFO:root:exploitdb has 36203 elements (36203 update)
INFO:root:Starting ensureindex
[+]Success to create index id on cpe
[+]Success to create index id on cpeother
[+]Success to create index id on cves
[+]Success to create index vulnerable_configuration on cves
[+]Success to create index Modified on cves
[+]Success to create index [('summary', 'text')] on cves
[+]Success to create index id on vfeed
[+]Success to create index id on vendor
[+]Success to create index id on d2sec
[+]Success to create index id on mgmt_whitelist
[+]Success to create index id on mgmt_blacklist
[+]Success to create index related_weakness on capec
[+]Success to create index id on exploitdb
INFO:root:

4. 환경설정

데이터베이스까지 업데이트 다 끝났다면, 웹 서버를 실행하기 위해 환경구성을 진행한다. 환경 구성은 CVE-SEARCH 디렉터리의 etc 디렉터리에 샘플 형태로 구성되어 있다. 다음과 같이 각각의 샘플 파일을 복사하며, 마지막 확장자인 .example을 제거하여 복사한다.

cp configuration.ini.sample configuration.ini
cp plugins.txt.sample plugins.txt

두 파일 중에 configuration.ini 파일에서 CVE-SEARCH와 관련된 구성을 진행한다. redis 서버나 몽고db 서버를 구성할 수 있지만, 여기서는 웹 서버 관련된 설정만 진행한다. 웹 서버는 [Webserver] 항목에서 진행한다. 127.0.0.1로 설정되어 있는 Host를 우분투 운영체제 아이피로 설정해야 호스트나 게스트 운영체제에서 접속 가능하다.

[Redis]
Host: localhost
Port: 6379
VendorsDB: 10
NotificationsDB: 11
RefDB: 12
[Mongo]
Host: localhost
Port: 27017
DB: cvedb
[dbmgt]
Tmpdir: ./tmp/
[FulltextIndex]
Indexdir: ./indexdir/
[Sources]
CVE: https://static.nvd.nist.gov/feeds/xml/cve/
CPE: https://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.2.xml
CWE: http://cwe.mitre.org/data/xml/cwec_v2.8.xml.zip
d2sec: http://www.d2sec.com/exploits/elliot.xml
vFeed: http://www.toolswatch.org/vfeed/vfeed.db.tgz
vFeedStatus: http://www.toolswatch.org/update.dat
Vendor: https://nvd.nist.gov/download/vendorstatements.xml
CAPEC: http://capec.mitre.org/data/xml/capec_v2.6.xml
MSBULLETIN: http://download.microsoft.com/download/6/7/3/673E4349-1CA5-40B9-8879-095C72D5B49D/BulletinSearch.xlsx
Ref: https://cve.mitre.org/data/refs/refmap/allrefmaps.zip
exploitdb: https://github.com/offensive-security/exploit-database/raw/master/files.csv
[Webserver]
Host: 127.0.0.1
Port: 5000
Debug: True
PageLength: 50
LoginRequired: False
SSL: True
Certificate: ssl/cve-search.crt
Key: ssl/cve-search.key
[Logging]
Logging: True
Logfile: log/cve-search.log
MaxSize: 150MB
Backlog: 5
[CVE]
DefaultCVSS: 5
StartYear: 2002


저작자 표시 비영리 동일 조건 변경 허락
신고

댓글을 달아 주세요

  1. BlogIcon kcats 신고">2017.05.11 16:24 신고

    cve-search를 우분투 16.04에 설치하려고 하니 안되더라고요

    검색해보니 우분투 16.04에서 몽고디비 아래 링크와 같이 관련 이슈가 있었스니다.
    http://webigotr.tistory.com/73

    위 설정 후 아래 링크 처럼 /var/lib/mongodb/mongod.lock를 제거하고 다시 실행하면 정상작동 합니다.
    * http://stackoverflow.com/questions/7744147/pymongo-keeps-refusing-the-connection-at-27017


티스토리 툴바