CVE-2006-1234
published 2006-03-14CVE-2006-1234: SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the…
PriorityP433medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
3.48%
87.6th percentile
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dsportal | dscounter | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Blojsom 2.31 - Cross-Site Scripting
exploitdb·2006-09-14
CVE-2006-4829 Blojsom 2.31 - Cross-Site Scripting
Blojsom 2.31 - Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/20026/info
Blojsom is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
To demonstrate the vulnerability, simply embed the following encoded text into the identified vulnerable fields.
'>alert(1234)
This will have the effect of popping up an alert window. This proof of concept could easily be altered to cause the script to return authentication credentials to an attacker-controlled server.
Exploit-DB
DSCounter 1.2 - 'index.php' SQL Injection
exploitdb·2006-03-14
CVE-2006-1234 DSCounter 1.2 - 'index.php' SQL Injection
DSCounter 1.2 - 'index.php' SQL Injection
---
source: https://www.securityfocus.com/bid/17112/info
DSCounter is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
The following proof of concept has been provided:
Get /index.php HTTP/1.0
Host: [host]
X-Forwarded-For: aaa' or 1/*
Exploit-DB
Firebird 1.5 - Inet_Server Local Buffer Overflow
exploitdb·2006-03-13
CVE-2006-1240 Firebird 1.5 - Inet_Server Local Buffer Overflow
Firebird 1.5 - Inet_Server Local Buffer Overflow
---
source: https://www.securityfocus.com/bid/17077/info
Firebird is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer.
Attackers may exploit this issue to execute arbitrary machine code with elevated privileges, because the affected binaries are often installed with setuid privileges.
./fbserver -p `perl -e 'print "a"x155;'`1234
Exploit-DB
Doomsday 1.8/1.9 - Multiple Remote Format String Vulnerabilities
exploitdb·2005-04-03
CVE-2006-1618 Doomsday 1.8/1.9 - Multiple Remote Format String Vulnerabilities
Doomsday 1.8/1.9 - Multiple Remote Format String Vulnerabilities
---
source: https://www.securityfocus.com/bid/17369/info
Doomsday is prone to multiple remote format-string vulnerabilities.
These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker can exploit these issues to execute arbitrary code in the context of the vulnerable application or crash the affected game server, effectively denying service to legitimate users.
Telnet to TCP port 13209 and issue the following command:
JOIN 1234 %n%n%n%n%n%n
No writeups or analysis indexed.
http://evuln.com/vulns/98/summary.htmlhttp://secunia.com/advisories/19206http://securityreason.com/securityalert/627http://securitytracker.com/id?1015756http://www.osvdb.org/23882http://www.securityfocus.com/archive/1/428807/100/0/threadedhttp://www.securityfocus.com/bid/17112http://www.vupen.com/english/advisories/2006/0933https://exchange.xforce.ibmcloud.com/vulnerabilities/25190http://evuln.com/vulns/98/summary.htmlhttp://secunia.com/advisories/19206http://securityreason.com/securityalert/627http://securitytracker.com/id?1015756http://www.osvdb.org/23882http://www.securityfocus.com/archive/1/428807/100/0/threadedhttp://www.securityfocus.com/bid/17112http://www.vupen.com/english/advisories/2006/0933https://exchange.xforce.ibmcloud.com/vulnerabilities/25190
2006-03-14
Published