CVE-2008-6310
published 2009-02-27CVE-2008-6310: SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.03%
59.5th percentile
SQL injection vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| w3matter | revsense | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
AskPert - Authentication Bypass
exploitdb·2008-11-19
CVE-2008-6310 AskPert - Authentication Bypass
AskPert - Authentication Bypass
---
##################WwW.TR-ShaRk.Co.cC###################
#AskPert (Auth bypass) SQL Injection Vulnerability
##################WwW.TR-ShaRk.Co.cC###################
##################WwW.TR-ShaRk.Co.cC###################
#[~] Author : TR-ShaRk
#[~] Msn : [email protected]
#[~] Web : WwW.TR-ShaRk.Co.cC
#[~] I am Not Hacker
#[~] Greetz :FATAL,STR0KE,ARANELWORM,CAKI_DECCAL,CEZOHAN,WEBLOADER
#[~] Orospu Cocuklari; Elitehacker,Netshooter Kardesleri
#
#[!] Script: http://www.w3matter.com/products/askpert
#[!] Google_Dork: Powered by AskPert
##################WwW.TR-ShaRk.Co.cC###################
Go to ask/index.php?section=user&action=login
Use following information to bypass login.
Write any email Address as email address.It must to be in email forma
Exploit-DB
RevSense 1.0 - Authentication Bypass
exploitdb·2008-11-19
CVE-2008-6310 RevSense 1.0 - Authentication Bypass
RevSense 1.0 - Authentication Bypass
---
###############################################################################################
[-] RevSense v.1.0 (Auth bypass) SQL Injection Vulnerability
[+] Script home : http://www.revsense.com/
[-] Discovered By : d3b4g
[-] Greetz : str0ke /* All my freind
################################################################################################
Dork:Powered by Revsense
Go to www.target.com/index.php?section=user&action=login
Use following information to bypass login.
Write any email Address as email address.It must to be in email format.
For exapmple [email protected]
For password use ' or ' 1=1
Live demo [at] http://demo.revsense.com/index.php?section=user&action=login
I'm a maldivian
/*
# milw0rm.com [2008-11-19]
No writeups or analysis indexed.
http://secunia.com/advisories/32783http://www.securityfocus.com/bid/32365http://www.vupen.com/english/advisories/2008/3217https://exchange.xforce.ibmcloud.com/vulnerabilities/46733https://www.exploit-db.com/exploits/7163http://secunia.com/advisories/32783http://www.securityfocus.com/bid/32365http://www.vupen.com/english/advisories/2008/3217https://exchange.xforce.ibmcloud.com/vulnerabilities/46733https://www.exploit-db.com/exploits/7163
2009-02-27
Published