CVE-2009-3529
Published 2009-10-02
Priority P3 · 37 · medium · 6.8 CVSS 2.0
AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.85% (53.5th percentile)
SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| radscripts | radbids | — | — |
No detection rules found.
Exploit-DB
radbids gold 4.0 - Multiple Vulnerabilities
exploitdb·2009-07-17
CVE-2009-3530 radbids gold 4.0 - Multiple Vulnerabilities
---
###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
[»] [!] Coder - Developer HTML / CSS / PHP / Vb6 . [!]
[»] RadBIDS GOLD v4 Multiple Remote Vulnerabilities
[»] Script: [ RadBIDS GOLD v4 ]
[»] Language: [ PHP ]
[»] Download: [ http://www.radscripts.com/auctionsoftware/ebay_style/index.html ]
[»] Founder: [ Moudi ]
[»] Thanks to: [ MiZoZ , ZuKa , str0ke , 599em Man , Security-Shell ...]
[»] Team: [ Evil
Exploit-DB
Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
exploitdb·2009-05-26·CVSS 10.0
CVE-2008-3529 [CRITICAL] Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
---
#!/usr/bin/ruby
#
# Quick-n-dirty PoC for APPLE-SA-2009-05-12 ala CVE-2008-3529
# Safari RSS feed:// buffer overflow via libxml2 by KF of Digitalmunition and Netragard
# http://www.digitalmunition.com , http://www.netragard.com
#
# The application PubSubAgent quit unexpectedly.
#
# Process: PubSubAgent [3764]
# Path: /System/Library/Frameworks/PubSub.framework/Versions/A/Resources/PubSubAgent.app/Contents/MacOS/PubSubAgent
# Identifier: PubSubAgent
# Version: ??? (???)
# Code Type: X86 (Native)
# Parent Process: launchd [282]
#
# Date/Time: 2008-10-31 15:31:41.355 -0400
# OS Version: Mac OS X 10.5.5 (9F33)
# Report Version: 6
#
# Exception Type: EXC_BAD_ACCESS (SIGSEGV)
# Exception Codes: KERN_INVALID_ADDRESS at 0x0000000
No writeups or analysis indexed.
Published: 2009-10-02