CVE-2010-0803
published 2010-03-02CVE-2010-0803: SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.15%
62.9th percentile
SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! allows remote attackers to execute arbitrary SQL commands via the v parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jvideodirect | com_jvideodirect | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Solaris dtspcd - Remote Heap Overflow (Metasploit)
exploitdb·2010-04-30
CVE-2001-0803 Solaris dtspcd - Remote Heap Overflow (Metasploit)
Solaris dtspcd - Remote Heap Overflow (Metasploit)
---
##
# $Id: heap_noir.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Solaris dtspcd Heap Overflow',
'Description' => %q{
This is a port of noir's dtspcd exploit. This module should
work against any vulnerable version of Solaris 8 (sparc).
The original exploit code was published in the book
Shellcoder's Handbook.
},
'Author' => [ 'noir ', 'hdm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 9179 $',
'References' =>
[
[ 'CVE', '2001-0803'],
[ 'OS
Exploit-DB
Virtual PC Hypervisor - Memory Protection
exploitdb·2010-03-17
CVE-2010-1225 Virtual PC Hypervisor - Memory Protection
Virtual PC Hypervisor - Memory Protection
---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Virtual PC Hypervisor Memory Protection Vulnerability
1. *Advisory Information*
Title: Virtual PC Hypervisor Memory Protection Vulnerability
Advisory Id: CORE-2009-0803
Advisory URL:
http://www.coresecurity.com/content/virtual-pc-2007-hypervisor-memory-protection-bug
Date published: 2010-03-16
Date of last update: 2010-03-16
Vendors contacted: Microsoft
Release mode: User release
2. *Vulnerability Information*
Class: Improper Access Control [CWE-285]
Impact: Security bypass
Remotely Exploitable: No
Locally Exploitable: Yes
Bugtraq ID: 38764
CVE Name: N/A
3. *Vulnerability Description*
Windows Virtual PC
Exploit-DB
Joomla! Component jVideoDirect - Blind SQL Injection
exploitdb·2010-01-28
CVE-2010-0803 Joomla! Component jVideoDirect - Blind SQL Injection
Joomla! Component jVideoDirect - Blind SQL Injection
---
[~]>> ...[BEGIN ADVISORY]...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[~]>> TITLE: Joomla (jVideoDirect) BLIND SQL Injection Vulnerability
[~]>> LANGUAGE: PHP
[~]>> DORK: N/A
[~]>> RESEARCHER: B-HUNT3|2
[~]>> CONTACT: bhunt3r[at_no_spam]gmail[dot_no_spam]com
[~]>> TYPE: COMMERCIAL
[~]>> PRICE: N/A
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[~]>> DESCRIPTION: Input var v is vulnerable to SQL Code Injection
[~]>> AFFECTED VERSIONS: Confirmed in 1.1 RC3b but probably other versions also
[~]>> RISK: Medium/High
[~]>> IMPACT: Execute Arbitrary SQL queries
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[~]>> PROOF OF CONCEPT
No writeups or analysis indexed.
http://osvdb.org/62042http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-sql.txthttp://secunia.com/advisories/38436http://www.exploit-db.com/exploits/11280http://www.securityfocus.com/bid/37990https://exchange.xforce.ibmcloud.com/vulnerabilities/55957http://osvdb.org/62042http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-sql.txthttp://secunia.com/advisories/38436http://www.exploit-db.com/exploits/11280http://www.securityfocus.com/bid/37990https://exchange.xforce.ibmcloud.com/vulnerabilities/55957
2010-03-02
Published