CVE-2009-2019
published 2009-06-09CVE-2009-2019: SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter.
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.01%
58.8th percentile
SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
CompleteFTP Professional 12.1.3 - Remote Code Execution
exploitdb·2020-07-09·CVSS 4.3
CVE-2019-16116 [MEDIUM] CompleteFTP Professional 12.1.3 - Remote Code Execution
CompleteFTP Professional 12.1.3 - Remote Code Execution
---
# Exploit Title: CompleteFTP Professional
""".strip()
# endregion
# region update_config
update_config = """
{XMLSCHEMA}
{XMLDIFFGRAM}
2
0
-1
-1
""".strip()
# endregion
# region xml_schema
xml_schema = """
""".replace("", ">").replace('"', """).strip()
# endregion
# region xml_diffgram
xml_diffgram = """
88428040-73b3-4497-9b6d-69af2f1cc3c7
Process Execution
EnterpriseDT.Net.FtpServer.Trigger.ProcessTrigger
2
{CONFIGURATION}
2020-03-10T18:33:41.107+08:00
2020-03-10T10:52:00.7496654+08:00
false
true
{ID}
2
Event
2009-06-29T11:48:00+08:00
2009-06-29T11:48:00+08:00
3
2020-03-10T10:50:44.4209655+08:00
2020-03-10T10:50:44.4209655+08:
Exploit-DB
Apache Olingo OData 4.0 - XML External Entity Injection
exploitdb·2019-12-11·CVSS 5.5
CVE-2019-17554 [MEDIUM] Apache Olingo OData 4.0 - XML External Entity Injection
Apache Olingo OData 4.0 - XML External Entity Injection
---
#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: Apache Olingo OData 4.0
# Vendor: Apache Foundation
# CSNC ID: CSNC-2009-025
# CVE ID: CVE-2019-17554
# Subject: XML External Entity Resolution (XXE)
# Risk: High
# Effect: Remotely exploitable
# Author: Archibald Haddock ([email protected])
# Date: 08.11.2019
#
#############################################################
Introduction:
Apache Olingo is a Java library that implements the Open Data Protocol (OData). [1]
XML data is parsed by insecurley configured software components, which can
Exploit-DB
virtue news - SQL Injection / Cross-Site Scripting
exploitdb·2009-06-08
CVE-2009-2020 virtue news - SQL Injection / Cross-Site Scripting
virtue news - SQL Injection / Cross-Site Scripting
---
Viva l'Algérie 3-1 --->Karim Matmour-->Abdel-Kader Ghazal-->Rafik al-Zuhair Jabbur-->
Félicitations à tous les Algériens
L'Algérie bat l'Egypte 3-1 à aller
El akouba pour le retour
#-------------------------AllaH AkbaR-------------------------------
#Virtue News Multiple Remote Vulnerabilities
#-------------------------------------------------------------------
#Discovered By: Snakespc ALGERIAN HaCkEr
#Mail: [email protected]
#Site:http://www.snakespc.com/sc/index.php
#
# les Algériens Kamikaz Wa4rin Fi kol Bla4s
#-------------------------SNAKES TEAM-------------------------------
#Script:Virtue News
#
#
#http://www.virtuenetz.com/news_manager.php
#--------------------------SNAKES TEAM------------------------------
#Exploit:
#-
2009-06-09
Published