CVE-2009-4600
published 2010-01-12CVE-2009-4600: SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.00%
58.5th percentile
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netartmedia | media_real_estate_portal | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Real Estate Portal X.0 - Authentication Bypass
exploitdb·2009-12-09
CVE-2009-4613 Real Estate Portal X.0 - Authentication Bypass
Real Estate Portal X.0 - Authentication Bypass
---
###############################
Real Estate Portal X.0 (Auth Bypass) Remote Sql Injection
Author : AnTi SeCuRe
Email : [email protected]
TeaM : SauDi ViRuS TeaM
Site : WwW.VxX9.Cc
###############################
~ Note :Its Not Free .. Its By : $199.00
~ IF You Want To Buy It : http://www.netartmedia.net/en_Pricing.html
[~] Demo : http://www.site.com/realestate20/
[~] username: admin' or '1=1
[~] password: Anti
[~] Thanks To : Allah
~ Greets : RENO , Dr.php , Jetli007 , Gov.Hacker , ! BaD BoY ! , TeaM SauDi ViRuS , All Members Of vxx9.cc , Tryag.cc
Exploit-DB
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
exploitdb·2009-10-07·CVSS 4.3
CVE-2009-2684 [MEDIUM] HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
---
Digital Security Research Group [DSecRG] Advisory #DSECRG-09-048
http://dsecrg.ru/pages/vul/show.php?id=148
Application: HP LaserJet printer web interface
Vulnerable: HP LaserJet 2200, 4350, 4600, 5500, and many others
Vendor URL: http://www.hp.com/
Bug: Multiple Stored XSS Vulnerabilities
Exploits: YES
Reported: 07.04.2009
Vendor response: 08.04.2009
Date of Public Advisory: 07.10.2009
CVE-number: CVE-2009-2684
CVSS2 score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Author: s.svistunovich, a.polyakov
Digital Security Research Group [DSecRG] (research [at] dsecrg [dot] com)
Description
Multiple security vulnerabilities have been identified with certain HP LaserJet printers,
HP Color LaserJet printers and HP Digi
Exploit-DB
HP Multiple LaserJet Printer - Cross-Site Scripting
exploitdb·2009-07-04·CVSS 4.3
CVE-2009-2684 [MEDIUM] HP Multiple LaserJet Printer - Cross-Site Scripting
HP Multiple LaserJet Printer - Cross-Site Scripting
---
Digital Security Research Group [DSecRG] Advisory #DSECRG-09-048
http://dsecrg.ru/pages/vul/show.php?id=148
Application: HP LaserJet printer web interface
Vulnerable: HP LaserJet 2200, 4350, 4600, 5500, and many others
Vendor URL: http://www.hp.com/
Bug: Multiple Stored XSS Vulnerabilities
Exploits: YES
Reported: 07.04.2009
Vendor response: 08.04.2009
Date of Public Advisory: 07.10.2009
CVE-number: CVE-2009-2684
CVSS2 score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Author: s.svistunovich, a.polyakov
Digital Security Research Group [DSecRG] (research [at] dsecrg [dot] com)
Description
Multiple security vulnerabilities have been identified with certain HP LaserJet printers,
HP Color LaserJet printers and HP Digital Senders. The vulnerabil
No writeups or analysis indexed.
http://osvdb.org/60866http://secunia.com/advisories/37633http://www.exploit-db.com/exploits/10361http://www.securityfocus.com/bid/37265https://exchange.xforce.ibmcloud.com/vulnerabilities/54647http://osvdb.org/60866http://secunia.com/advisories/37633http://www.exploit-db.com/exploits/10361http://www.securityfocus.com/bid/37265https://exchange.xforce.ibmcloud.com/vulnerabilities/54647
2010-01-12
Published