CVE-2010-0800
published 2010-03-02CVE-2010-0800: SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute…
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.15%
62.9th percentile
SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter in a view_category action to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomservices | com_dms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL FTP SITE NEWER overflow attempt
suricata·2010-09-23
CVE-1999-0800 GPL FTP SITE NEWER overflow attempt
GPL FTP SITE NEWER overflow attempt
Rule: alert ftp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"GPL FTP SITE NEWER overflow attempt"; flow:established,to_server; content:"SITE"; nocase; content:"NEWER"; distance:0; nocase; isdataat:100,relative; pcre:"/^SITE\s+NEWER\s[^\n]{100}/smi"; reference:bugtraq,229; reference:cve,1999-0800; classtype:attempted-admin; sid:2101920; rev:9; metadata:created_at 2010_09_23, cve CVE_1999_0800, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Exploit-DB
Joomla! Component com_dms 2.5.1 - SQL Injection
exploitdb·2010-01-30
CVE-2010-0800 Joomla! Component com_dms 2.5.1 - SQL Injection
Joomla! Component com_dms 2.5.1 - SQL Injection
---
/**************************************************************************
[~] Joomla Component com_dms Remote SQL injection vulnerability - (category_id)
[~] Author : kaMtiEz ([email protected])
[~] Homepage : http://www.indonesiancoder.com
[~] Date : 28 January, 2010
**************************************************************************/
[ Software Information ]
[+] Vendor : http://joomdonation.com/
[+] Info : http://joomdonation.com/index.php?option=com_content&view=article&id=41&Itemid=40
[+] version : 2.5.1 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : inurl:"com_dms"
[+] Type : commercial
[ Vulnerable File ]
http://server/index.php?option=com_dms&task=view_category&category_id=[INDONESIANCO
Exploit-DB
Irix LPD tagprinter - Command Execution (Metasploit)
exploitdb·2001-09-01
CVE-2001-0800 Irix LPD tagprinter - Command Execution (Metasploit)
Irix LPD tagprinter - Command Execution (Metasploit)
---
##
# $Id: tagprinter_exec.rb 10561 2010-10-06 00:53:45Z hdm $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Irix LPD tagprinter Command Execution',
'Description' => %q{
This module exploits an arbitrary command execution flaw in
the in.lpd service shipped with all versions of Irix.
},
'Author' => [ 'optyx', 'hdm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 10561 $',
'References' =>
[
['CVE', '2001-0800'],
['OSVDB', '8573'],
['URL', 'http://www.lsd-pl.net/code/IRIX/irx_lpsc
No writeups or analysis indexed.
http://osvdb.org/62040http://secunia.com/advisories/38410http://www.exploit-db.com/exploits/11289http://www.securityfocus.com/bid/38017http://www.securityfocus.com/bid/38024https://exchange.xforce.ibmcloud.com/vulnerabilities/56006http://osvdb.org/62040http://secunia.com/advisories/38410http://www.exploit-db.com/exploits/11289http://www.securityfocus.com/bid/38017http://www.securityfocus.com/bid/38024https://exchange.xforce.ibmcloud.com/vulnerabilities/56006
2010-03-02
Published