CVE-2009-2020
published 2009-06-09CVE-2009-2020: Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.27%
66.2th percentile
Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| feedgen_project | feedgen | >= 0 < 0.9.0 | 0.9.0 |
| gnu | glibc | >= 0 < 2.23-0ubuntu11.3 | 2.23-0ubuntu11.3 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xq6f-qqhm-j4r6: Cross-site scripting (XSS) vulnerability in news_detail
ghsa_unreviewed·2022-05-02
CVE-2009-2020 [MEDIUM] CWE-79 GHSA-xq6f-qqhm-j4r6: Cross-site scripting (XSS) vulnerability in news_detail
Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid parameter.
OSV
glibc vulnerabilities
osv·2021-05-14·CVSS 7.5
CVE-2020-6096 glibc vulnerabilities
glibc vulnerabilities
Jason Royes and Samuel Dytrych discovered that the memcpy()
implementation for 32 bit ARM processors in the GNU C Library contained
an integer underflow vulnerability. An attacker could possibly use
this to cause a denial of service (application crash) or execute
arbitrary code. (CVE-2020-6096)
It was discovered that the POSIX regex implementation in the GNU C
Library did not properly parse alternatives. An attacker could use this
to cause a denial of service. (CVE-2009-5155)
GHSA
Feedgen Vulnerable to XML Denial of Service Attacks
ghsa·2020-01-28
CVE-2020-5227 [MEDIUM] CWE-776 Feedgen Vulnerable to XML Denial of Service Attacks
Feedgen Vulnerable to XML Denial of Service Attacks
### Impact
The *feedgen* library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to [XML Denial of Service Attacks](https://docs.microsoft.com/en-us/archive/msdn-magazine/2009/november/xml-denial-of-service-attacks-and-defenses) (e.g. XML Bomb).
This becomes a concern in particular if feedgen is used to include content from untrused sources and if XML (including XHTML) is directly included instead of providing plain tex content only.
### Patches
This problem has been fixed in feedgen 0.9.0 which disallows XML entity expansion and external resources.
### Workarounds
Updating is strongly recommended and shou
Citrix
CVE-2020-8283: An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2
vendor_citrix·2020-12-14·CVSS 8.8
CVE-2020-8283 [HIGH] CWE-269 CVE-2020-8283: An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2
CVE-2020-8283: An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Suricata
ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (c=)
suricata·2010-07-30
CVE-2009-1151 ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (c=)
ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (c=)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (c=)"; flow:established,to_server; http.uri; content:"/config/config.inc.php"; content:"c="; reference:url,www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/; classtype:web-application-attack; sid:2010903; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .asp Filename Extension Parsing File Upload Security Bypass Attempt (asp)
suricata·2010-07-30
CVE-2009-4444 ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .asp Filename Extension Parsing File Upload Security Bypass Attempt (asp)
ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .asp Filename Extension Parsing File Upload Security Bypass Attempt (asp)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .asp Filename Extension Parsing File Upload Security Bypass Attempt (asp)"; flow:established,to_server; http.uri; content:".asp|3B 2E|"; nocase; reference:url,www.securityfocus.com/bid/37460/info; reference:url,www.securityfocus.com/bid/37460/info; reference:url,soroush.secproject.com/downloadable/iis-semicolon-report.pdf; reference:cve,2009-4444; classtype:web-application-attack; sid:2010592; rev:9; metadata:created_at 2010_07_30, cve CVE_2009_4444, confidence Medium, signature_severity Major, updated_at 2020_08_20;)
Suricata
ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
suricata·2010-07-30·CVSS 7.5
CVE-2009-3326 [HIGH] ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"id_menu="; fast_pattern; distance:0; nocase; content:"INSERT"; distance:0; nocase; content:"INTO"; distance:0; nocase; reference:cve,CVE-2009-3326; reference:url,www.milw0rm.com/exploits/9727; classtype:web-application-attack; sid:2009978; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, signature_severity Major, tag SQL_Injection, updated_at 2020_09_14, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt
suricata·2010-07-30
CVE-2009-1203 ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt
ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt"; flow:established,to_server; http.uri; content:"+CSCOE+/files/browse.html"; nocase; fast_pattern; content:"code=init"; nocase; distance:0; content:"path=ftp"; nocase; distance:0; reference:url,www.securityfocus.com/bid/35475/info; reference:cve,2009-1203; classtype:attempted-user; sid:2010457; rev:9; metadata:attack_target Client_Endpoint, created_at 2010_07_30, cve CVE_2009_1203, deployment Perimeter, confidence Medium, signature_severity Major, tag Phishing, updated_at 2020_11_07;)
Suricata
ET WEB_SPECIFIC_APPS Possible HP Power Manager Management Web Server Login Remote Buffer Overflow Attempt
suricata·2010-07-30
CVE-2009-2685 ET WEB_SPECIFIC_APPS Possible HP Power Manager Management Web Server Login Remote Buffer Overflow Attempt
ET WEB_SPECIFIC_APPS Possible HP Power Manager Management Web Server Login Remote Buffer Overflow Attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Possible HP Power Manager Management Web Server Login Remote Buffer Overflow Attempt"; flow:established,to_server; http.method; content:"POST"; nocase; http.uri; content:"/goform/formLogin"; nocase; http.request_body; content:"Login="; nocase; content:!"|0A|"; within:300; isdataat:300,relative; pcre:"/Login=[^\r\n]{300}/i"; reference:url,www.securityfocus.com/bid/36933; reference:cve,2009-2685; classtype:web-application-attack; sid:2010699; rev:8; metadata:created_at 2010_07_30, cve CVE_2009_2685, confidence Low, signature_severity Major, updated_at 2020_09_04;)
Suricata
ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
suricata·2010-07-30·CVSS 7.5
CVE-2009-3326 [HIGH] ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS CMScontrol 7.x (index.php id_menu) SQL Injection Vulnerability"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"id_menu="; fast_pattern; nocase; distance:0; content:"SELECT"; nocase; distance:0; content:"FROM"; nocase; distance:0; reference:cve,CVE-2009-3326; reference:url,www.milw0rm.com/exploits/9727; classtype:web-application-attack; sid:2009980; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, signature_severity Major, tag SQL_Injection, updated_at 2020_09_13, mitre_tactic_id TA0001, mitre_tactic_name Initial_A
Suricata
ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (p=)
suricata·2010-07-30
CVE-2009-1151 ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (p=)
ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (p=)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS phpMyAdmin Remote Code Execution Proof of Concept (p=)"; flow:established,to_server; http.uri; content:"/config/config.inc.php"; content:"p=phpinfo()"; reference:url,www.gnucitizen.org/blog/cve-2009-1151-phpmyadmin-remote-code-execution-proof-of-concept/; classtype:web-application-attack; sid:2010902; rev:7; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)
Suricata
ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .aspx Filename Extension Parsing File Upload Security Bypass Attempt (aspx)
suricata·2010-07-30
CVE-2009-4444 ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .aspx Filename Extension Parsing File Upload Security Bypass Attempt (aspx)
ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .aspx Filename Extension Parsing File Upload Security Bypass Attempt (aspx)
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible Microsoft Internet Information Services (IIS) .aspx Filename Extension Parsing File Upload Security Bypass Attempt (aspx)"; flow:established,to_server; http.uri; content:".aspx|3B 2E|"; nocase; reference:url,www.securityfocus.com/bid/37460/info; reference:url,www.securityfocus.com/bid/37460/info; reference:url,soroush.secproject.com/downloadable/iis-semicolon-report.pdf; reference:cve,2009-4444; classtype:web-application-attack; sid:2010593; rev:10; metadata:created_at 2010_07_30, cve CVE_2009_4444, confidence Medium, signature_severity Major, updated_at 2020_09_
Suricata
ET WEB_SERVER Possible HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow Attempt
suricata·2010-07-30
CVE-2009-4179 ET WEB_SERVER Possible HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow Attempt
ET WEB_SERVER Possible HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow Attempt
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow Attempt"; flow:established,to_server; http.method; content:"GET"; nocase; http.uri; content:"/OvCgi/ovalarm.exe"; nocase; fast_pattern; content:"OVABverbose="; nocase; distance:0; pcre:"/^(1|on|true)/Ri"; http.accept_lang; isdataat:100,relative; reference:cve,2009-4179; classtype:web-application-attack; sid:2010704; rev:10; metadata:created_at 2010_07_30, cve CVE_2009_4179, confidence Low, signature_severity Major, updated_at 2020_11_07;)
Exploit-DB
CompleteFTP Professional 12.1.3 - Remote Code Execution
exploitdb·2020-07-09·CVSS 4.3
CVE-2019-16116 [MEDIUM] CompleteFTP Professional 12.1.3 - Remote Code Execution
CompleteFTP Professional 12.1.3 - Remote Code Execution
---
# Exploit Title: CompleteFTP Professional
""".strip()
# endregion
# region update_config
update_config = """
{XMLSCHEMA}
{XMLDIFFGRAM}
2
0
-1
-1
""".strip()
# endregion
# region xml_schema
xml_schema = """
""".replace("", ">").replace('"', """).strip()
# endregion
# region xml_diffgram
xml_diffgram = """
88428040-73b3-4497-9b6d-69af2f1cc3c7
Process Execution
EnterpriseDT.Net.FtpServer.Trigger.ProcessTrigger
2
{CONFIGURATION}
2020-03-10T18:33:41.107+08:00
2020-03-10T10:52:00.7496654+08:00
false
true
{ID}
2
Event
2009-06-29T11:48:00+08:00
2009-06-29T11:48:00+08:00
3
2020-03-10T10:50:44.4209655+08:00
2020-03-10T10:50:44.4209655+08:
Exploit-DB
virtue news - SQL Injection / Cross-Site Scripting
exploitdb·2009-06-08
CVE-2009-2020 virtue news - SQL Injection / Cross-Site Scripting
virtue news - SQL Injection / Cross-Site Scripting
---
Viva l'Algérie 3-1 --->Karim Matmour-->Abdel-Kader Ghazal-->Rafik al-Zuhair Jabbur-->
Félicitations à tous les Algériens
L'Algérie bat l'Egypte 3-1 à aller
El akouba pour le retour
#-------------------------AllaH AkbaR-------------------------------
#Virtue News Multiple Remote Vulnerabilities
#-------------------------------------------------------------------
#Discovered By: Snakespc ALGERIAN HaCkEr
#Mail: [email protected]
#Site:http://www.snakespc.com/sc/index.php
#
# les Algériens Kamikaz Wa4rin Fi kol Bla4s
#-------------------------SNAKES TEAM-------------------------------
#Script:Virtue News
#
#
#http://www.virtuenetz.com/news_manager.php
#--------------------------SNAKES TEAM------------------------------
#Exploit:
#-
2009-06-09
Published