CVE-2010-1272
published 2010-04-06CVE-2010-1272: PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL…
PriorityP349high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.29%
81.1th percentile
PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| komputer.boo | gnat-tgp | <= 1.2.20 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
CA BrightStor Agent for Microsoft SQL - Remote Overflow (Metasploit)
exploitdb·2010-04-30
CVE-2005-1272 CA BrightStor Agent for Microsoft SQL - Remote Overflow (Metasploit)
CA BrightStor Agent for Microsoft SQL - Remote Overflow (Metasploit)
---
##
# $Id: sql_agent.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'CA BrightStor Agent for Microsoft SQL Overflow',
'Description' => %q{
This module exploits a vulnerability in the CA BrightStor
Agent for Microsoft SQL Server. This vulnerability was
discovered by cybertronic[at]gmx.net.
},
'Author' => [ 'hdm' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 9179 $',
'References' =>
[
[ 'CVE', '2005-1272'],
[ 'OSVDB', '18501' ]
Exploit-DB
Gnat-TGP 1.2.20 - Remote File Inclusion
exploitdb·2010-03-03
CVE-2010-1272 Gnat-TGP 1.2.20 - Remote File Inclusion
Gnat-TGP 1.2.20 - Remote File Inclusion
---
###############################################################
# Gnat-TGP <= 1.2.20 Remote File Include Vulnerability
# By cr4wl3r
# Download: http://www.komputer.boo.pl/download/skrypty/galerie/gnat-tgp.rar
# Gr33tz: EA ngel, Hmei7, zvtral, mywisdom and all my friend
###############################################################
###############################################################
# Fuck to buat loe tukang show off, dan buat loe yang mengaku dirinya hacker dan pamer sana-sini
# mengatakan orang lain lamer karena suka deface sedangkan dirinya adalah tukang deface
# you are 1337 lamer 1337 hoax and 1337 gay
# i'm injector and rooter in the site and i'm be silent
###############################################################
#######
No writeups or analysis indexed.
http://packetstormsecurity.org/1003-exploits/gnattgp-rfi.txthttp://www.exploit-db.com/exploits/11621http://www.securityfocus.com/bid/38522https://exchange.xforce.ibmcloud.com/vulnerabilities/56675http://packetstormsecurity.org/1003-exploits/gnattgp-rfi.txthttp://www.exploit-db.com/exploits/11621http://www.securityfocus.com/bid/38522https://exchange.xforce.ibmcloud.com/vulnerabilities/56675
2010-04-06
Published