CVE-2010-0631
published 2010-02-12CVE-2010-0631: Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.92%
55.6th percentile
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4qvq-xp3p-8jfq: Multiple SQL injection vulnerabilities in index
ghsa_unreviewed·2022-05-02
CVE-2010-0631 [HIGH] CWE-89 GHSA-4qvq-xp3p-8jfq: Multiple SQL injection vulnerabilities in index
Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id parameter is 4, allow remote attackers to execute arbitrary SQL commands via the (1) users (username) and (2) passwords parameters.
Red Hat
kernel: tty: release_one_tty() forgets to put pids
vendor_redhat·2010-04-03·CVSS 7.2
CVE-2010-1162 [HIGH] kernel: tty: release_one_tty() forgets to put pids
kernel: tty: release_one_tty() forgets to put pids
The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors.
Statement: This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 as they did not include upstream commit ab521dc0 that introduced the problem. This issue was addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0631.html.
Suricata
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2007-0631 [HIGH] ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid DELETE
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid DELETE"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"catid="; nocase; fast_pattern; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0631; reference:url,www.milw0rm.com/exploits/3227; classtype:web-application-attack; sid:2005114; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitr
Suricata
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-0631 [HIGH] ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UNION SELECT
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UNION SELECT"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"catid="; nocase; fast_pattern; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0631; reference:url,www.milw0rm.com/exploits/3227; classtype:web-application-attack; sid:2005112; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_i
Suricata
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2007-0631 [HIGH] ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid ASCII
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid ASCII"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"catid="; nocase; fast_pattern; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0631; reference:url,www.milw0rm.com/exploits/3227; classtype:web-application-attack; sid:2005115; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitr
Suricata
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2007-0631 [HIGH] ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid INSERT
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid INSERT"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"catid="; nocase; fast_pattern; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-0631; reference:url,www.milw0rm.com/exploits/3227; classtype:web-application-attack; sid:2005113; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitr
Suricata
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2007-0631 [HIGH] ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UPDATE
ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Eclectic Designs CascadianFAQ SQL Injection Attempt -- index.php catid UPDATE"; flow:established,to_server; http.uri; content:"/index.php?"; nocase; content:"catid="; nocase; fast_pattern; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-0631; reference:url,www.milw0rm.com/exploits/3227; classtype:web-application-attack; sid:2005116; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre
Bugzilla
CVE-2010-1162 kernel: tty: release_one_tty() forgets to put pids
bugzilla·2010-04-14·CVSS 7.2
CVE-2010-1162 [HIGH] CVE-2010-1162 kernel: tty: release_one_tty() forgets to put pids
CVE-2010-1162 kernel: tty: release_one_tty() forgets to put pids
Description of problem:
release_one_tty(tty) can be called when tty still has a reference to pgrp/session. In this case we leak the pid.
Upstream commit:
http://git.kernel.org/linus/6da8d866d0d39e9509ff826660f6a86a6757c966
Discussion:
pgrp member in struct tty_struct was converted to struct pid in commit ab521dc0, so kernels of version v2.6.21-rc1 and above are affected by this. mrg-1 backported this patch.
Statement:
This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 as they did not include upstream commit ab521dc0 that introduced the problem. This issue was addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0631.html.
---
This i
Bugzilla
CVE-2010-1088 kernel: fix LOOKUP_FOLLOW on automount "symlinks"
bugzilla·2010-02-24·CVSS 5.4
CVE-2010-1088 [MEDIUM] CVE-2010-1088 kernel: fix LOOKUP_FOLLOW on automount "symlinks"
CVE-2010-1088 kernel: fix LOOKUP_FOLLOW on automount "symlinks"
Description of problem:
Make sure that automount "symlinks" are followed regardless of LOOKUP_FOLLOW; it should have no effect on them.
Upstream commit:
http://git.kernel.org/linus/ac278a9c505092dd82077a2446af8f9fc0d9c095
For this vulnerability to work, you need the support for O_NOFOLLOW (predates 2.6.12), openat (2.6.16 onwards) and use by NFS of 'trapdoor mounts' (2.6.18 onwards).
Discussion:
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2010:0504 https://rhn.redhat.com/errata/RHSA-2010-0504.html
---
This issue has been addressed in following products:
MRG for RHEL-5
Via RHSA-2010:0631 https://rhn.redhat.com/errata/RHSA-2010-0631.html
2010-02-12
Published