CVE-2009-2023
published 2009-06-09
CVE-2009-2023: SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands…
Priority: P3 · 37 · medium · 6.8 (CVSS 2.0)
AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.95% (56.8th percentile)
SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the current_currency parameter.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 6.3.0 < 6.3.6 | 6.3.6 |
| msrc | windows_defender_antimalware_platform | — | — |
| shop-script | shop-script | — | — |
CVSS provenance
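| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| vendor_redhat | | 8.0 | HIGH | |
| vendor_msrc | | 7.8 | HIGH | |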
OSV
net/mlx5e: TC, Fix using eswitch mapping in nic mode
osv·2025-12-30
CVE-2023-54216 net/mlx5e: TC, Fix using eswitch mapping in nic mode
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: TC, Fix using eswitch mapping in nic mode
Cited patch is using the eswitch object mapping pool while
in nic mode where it isn't initialized. This results in the
trace below [0].
Fix that by using either nic or eswitch object mapping pool
depending if eswitch is enabled or not.
[0]:
[ 826.446057] ==================================================================
[ 826.446729] BUG: KASAN: slab-use-after-free in mlx5_add_flow_rules+0x30/0x490 [mlx5_core]
[ 826.447515] Read of size 8 at addr ffff888194485830 by task tc/6233
[ 826.448243] CPU: 16 PID: 6233 Comm: tc Tainted: G W 6.3.0-rc6+ #1
[ 826.448890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BI
GHSA
GHSA-ffx6-gv7p-ch36: SQL injection vulnerability in index
ghsa_unreviewed·2022-05-02
CVE-2009-2023 [MEDIUM] CWE-89 GHSA-ffx6-gv7p-ch36: SQL injection vulnerability in index
SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the current_currency parameter.
No detection rules found.
Exploit-DB
Shop Script Pro 2.12 - SQL Injection
exploitdb·2009-06-08
CVE-2009-2023 Shop Script Pro 2.12 - SQL Injection
---
#!/usr/bin/perl
=about
VENDOR
Shop Script Pro 2.12
(maybe other versions vulnerable too)
http://www.shop-script.com/
AUTHOR
discovered & written by Ams
ax330d [doggy] gmail [dot] com
http://www.0x416d73.name/
VULN. DESCRIPTION
Look in index.php at line 101.
Variable $current_currency is set from $_SESSION["current_currency"]
which is set in "/core_functions/currency_functions.php" in function
currSetCurrentCurrency() at line 17 via "/includes/change_currency.php"
at line 13. This variable is not filtered.
EXPLOIT WORK
First exploit looks for file "linkpoint.php" in
hope to find full server path. If not found, then it bruteforces
those paths, otherwise will use found one.
Also at this time session is being set.
Exploit then sends POST request
Nuclei
Pretty Url <= 1.5.4 - Cross-Site Scripting
nuclei·CVSS 4.8
CVE-2023-2009 [MEDIUM] Pretty Url <= 1.5.4 - Cross-Site Scripting
Pretty Url ")'
      - 'contains(body_3, "prettyurls")'
    condition: and
extractors:
  - type: regex
    internal: true
    name: nonce
    part: body
    group: 1
    regex:
      - 'name="_wpnonce" value="([0-9a-z]+)" />'
# digest: 490a0046304402207290b78c8d49ebc60b5459d70dbec3d44bd4a84368dc6cc9f0b633caa44ea0ae0220239ad393fb25a78c7b54de74b23d3eaff8da0efa16b5968c3967b5dee8d7a4db:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
2009-06-09
Published