CVE-2009-3203
published 2009-09-16CVE-2009-3203: SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.99%
58.2th percentile
SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ajsquare | aj_auction_pro-oopd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
AJ Auction Pro OOPD 2.x - 'id' SQL Injection
exploitdb·2009-08-18
CVE-2009-3203 AJ Auction Pro OOPD 2.x - 'id' SQL Injection
AJ Auction Pro OOPD 2.x - 'id' SQL Injection
---
#!/usr/bin/perl
#********************************************************#
# #
# [o] AJ Auction Pro OOPD 2.x SQL Injection Exploit #
# Software : AJ Auction Pro OOPD 2.x #
# Vendor : http://www.ajsquare.com/ #
# Author : NoGe #
# Contact : noge[dot]code[at]gmail[dot]com #
# Blog : http://evilc0de.blogspot.com #
# #
# [o] Usage #
# root@noge:~# perl ajpro.pl www.target.com #
# #
# [o] Dork #
# "Powered By AJ Auction Pro" #
# #
# [o] Greetz #
# MainHack BrotherHood [ http://mainhack.net ] #
# Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 Angela Zhang #
# H312Y yooogy mousekill }^-^{ loqsa zxvf martfella #
# skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke #
# #
#********************************************************#
use HTTP::Request;
use LWP::UserAg
Exploit-DB
ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Local Privilege Escalation
exploitdb·2009-05-26
CVE-2009-1824 ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Local Privilege Escalation
ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Local Privilege Escalation
---
////////////////////////////////////////////////////////////////////////////////////
// +----------------------------------------------------------------------------+ //
// | | //
// | ArcaBit Sp. z o.o. - http://www.arcabit.com/ | //
// | | //
// | Affected Software: | //
// | ArcaVir 2009 Antivirus Protection <= 9.4.3201.9 | //
// | ArcaVir 2009 Internet Security <= 9.4.3202.9 | //
// | ArcaVir 2009 System Protection <= 9.4.3203.9 | //
// | ArcaVir 2009 Home Protection <= 9.4.3204.9 | //
// | | //
// | Affected Driver: | //
// | ps_drv.sys | //
// | | //
// | Local Privilege Escalation Exploit | //
// | For Educational Purposes Only ! | //
// | | //
// +--------------------------------------------------------------
No writeups or analysis indexed.
http://osvdb.org/57159http://packetstormsecurity.org/0908-exploits/ajauctionoopd2-sql.txthttp://secunia.com/advisories/36369https://exchange.xforce.ibmcloud.com/vulnerabilities/52527http://osvdb.org/57159http://packetstormsecurity.org/0908-exploits/ajauctionoopd2-sql.txthttp://secunia.com/advisories/36369https://exchange.xforce.ibmcloud.com/vulnerabilities/52527
2009-09-16
Published