CVE-2010-1216
published 2010-03-30CVE-2010-1216: PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and earlier, when register_globals is enabled, allows remote attackers…
PriorityP336medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
2.38%
81.8th percentile
PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| notsopureedit | notsopureedit | <= 1.4.1 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit)
exploitdb·2010-09-20
CVE-2006-1148 PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit)
PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit)
---
##
# $Id: peercast_url.rb 10394 2010-09-20 08:06:27Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'PeerCast %q{
This module exploits a stack buffer overflow in PeerCast [ 'hdm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 10394 $',
'References' =>
[
['CVE', '2006-1148'],
['OSVDB', '23777'],
['BID', '17040'],
['URL', 'http://www.infigo.hr/in_focus/INFIGO-2006-03-01'],
],
'Privileged' => false,
'Payload' =>
{
'Space' => 400,
'BadChars' => "\x00\x0
Exploit-DB
PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow (Metasploit)
exploitdb·2010-09-20
CVE-2006-1148 PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow (Metasploit)
PeerCast 0.1216 (Linux) - URL Handling Buffer Overflow (Metasploit)
---
##
# $Id: peercast_url.rb 10394 2010-09-20 08:06:27Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'PeerCast %q{
This module exploits a stack buffer overflow in PeerCast [ 'MC' ],
'License' => BSD_LICENSE,
'Version' => '$Revision: 10394 $',
'References' =>
[
['CVE', '2006-1148'],
['OSVDB', '23777'],
['BID', '17040'],
['URL', 'http://www.infigo.hr/in_focus/INFIGO-2006-03-01'],
],
'Privileged' => false,
'Payload' =>
{
'Space' => 200,
'BadChars' => "\x00\x0a\x0d\
Exploit-DB
NotSopureEdit 1.4.1 - Remote File Inclusion
exploitdb·2010-03-21
CVE-2010-1216 NotSopureEdit 1.4.1 - Remote File Inclusion
NotSopureEdit 1.4.1 - Remote File Inclusion
---
NotSopureEdit > Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ###################################### 1
0 I'm cr4wl3r member from Inj3ct0r Team 1
1 ###################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Discovered by: cr4wl3r
[+] My id: http://inj3ct0r.com/author/945
[+] Original: http://inj3ct0r.com/exploits/11393
[+] Download : http://code.google.com/p/notsopureedit/downloads/list
[+] Code [template.php]:
[+] PoC: [path]/templates/template.php?content=[Shell]
[+] Greetz: All member inj3ct0r.com
# Inj3ct0r.com [2010-03-22]
No writeups or analysis indexed.
http://inj3ct0r.com/exploits/11393http://secunia.com/advisories/39070http://www.exploit-db.com/exploits/11832http://www.vupen.com/english/advisories/2010/0673http://inj3ct0r.com/exploits/11393http://secunia.com/advisories/39070http://www.exploit-db.com/exploits/11832http://www.vupen.com/english/advisories/2010/0673
2010-03-30
Published