CVE-2006-1081
published 2006-03-09CVE-2006-1081: SQL injection vulnerability in forgotten_password.php in Jonathan Beckett PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via…
PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.83%
76.1th percentile
SQL injection vulnerability in forgotten_password.php in Jonathan Beckett PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the email parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jonathan_beckett | pluggedout_nexus | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Buffer Overflow (Denial of Service) (PoC)
exploitdb·2013-04-12
CVE-2006-6184 Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Buffer Overflow (Denial of Service) (PoC)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Buffer Overflow (Denial of Service) (PoC)
---
# Exploit Title: AT-TFTP 2.0 long filename stack based buffer overflow - DOS
# Date: 12.04.2013
# Exploit Author: xis_one@STM Solutions
# Vendor Homepage: http://www.alliedtelesis.com/
# Software Link: http://alliedtelesis.custhelp.com/cgi-bin/alliedtelesis.cfg/php/enduser/std_adp.php?p_faqid=1081&p_created=981539150&p_topview=1
# Version: 2.0
# Tested on: Windows XP SP3
#
# From 1.9 Remote Exec BOF disovered in 2006 by [email protected] to 2.0 Remote DOS BOF 2013 - no lesson learned.
# Two variants:
#
# 1. SEH overwrite but no exception handler trigger (cookie on stack?)
# 2. Read access violation (non-exploitable?)
#
# Still we can crash the server remotely.
#
#!/usr/bin/python
import
Exploit-DB
PluggedOut Nexus 0.1 - 'forgotten_password.php' SQL Injection
exploitdb·2006-03-02
CVE-2006-1081 PluggedOut Nexus 0.1 - 'forgotten_password.php' SQL Injection
PluggedOut Nexus 0.1 - 'forgotten_password.php' SQL Injection
---
source: https://www.securityfocus.com/bid/16915/info
PluggedOut Nexus is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Nexus 0.1 is reportedly affected by this issue.
The following proof of concept exploit is available:
Insert this code in E-Mail Address form (http://www.example.com/Nexus/forgotten_password.php) :
hamidnetworksecurityteam' union select
cUsername,cPassword,'[email protected]' from
nexus_users WHERE nUserId=1 and
No writeups or analysis indexed.
http://hamid.ir/security/nexus.txthttp://secunia.com/advisories/19089http://securityreason.com/securityalert/536http://securitytracker.com/id?1015715http://www.securityfocus.com/archive/1/426575/100/0/threadedhttp://www.securityfocus.com/bid/16915http://www.vupen.com/english/advisories/2006/0809https://exchange.xforce.ibmcloud.com/vulnerabilities/25017http://hamid.ir/security/nexus.txthttp://secunia.com/advisories/19089http://securityreason.com/securityalert/536http://securitytracker.com/id?1015715http://www.securityfocus.com/archive/1/426575/100/0/threadedhttp://www.securityfocus.com/bid/16915http://www.vupen.com/english/advisories/2006/0809https://exchange.xforce.ibmcloud.com/vulnerabilities/25017
2006-03-09
Published