CVE-2010-2508
published 2010-06-28CVE-2010-2508: SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.96%
57.1th percentile
SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 2daybiz | video_community_portal_script | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
2DayBiz Video Community Portal - 'user-profile.php' SQL Injection
exploitdb·2010-06-24
CVE-2010-2508 2DayBiz Video Community Portal - 'user-profile.php' SQL Injection
2DayBiz Video Community Portal - 'user-profile.php' SQL Injection
---
$-------------------------------------------------------------------------------------------------------------------
$ 2daybiz Video Community portal"user-profile.php" SQL injection
$ Author : Sangteamtham
$ Home : Hcegroup.net
$ Download :http://www.2daybiz.com/videocommunity_portalscript.html
$ Date :06/24/2010
$
$******************************************************************************************
$Exploit:
$
$ http://server/user-profile.php?userid=[id number][SQL]
$
$******************************************************************************************
$ Greetz to: All Vietnamese hackers and Hackers out there researching for
more security
$
$
$---------------------------------------------------------------
Exploit-DB
Trend Micro ServerProtect 5.58 - 'CreateBinding()' Remote Buffer Overflow (Metasploit)
exploitdb·2010-04-30
CVE-2007-2508 Trend Micro ServerProtect 5.58 - 'CreateBinding()' Remote Buffer Overflow (Metasploit)
Trend Micro ServerProtect 5.58 - 'CreateBinding()' Remote Buffer Overflow (Metasploit)
---
##
# $Id: trendmicro_serverprotect_createbinding.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060.
By sending a specially crafted RPC request, an attacker could overflow the
buffer and execute arbitrary code.
},
'Author' => [ 'MC' ],
'License' => MS
Exploit-DB
Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Remote Buffer Overflow (Metasploit)
exploitdb·2010-04-30
CVE-2007-2508 Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Remote Buffer Overflow (Metasploit)
Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Remote Buffer Overflow (Metasploit)
---
##
# $Id: trendmicro_serverprotect_earthagent.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow',
'Description' => %q{
This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060
EarthAgent.EXE. By sending a specially crafted RPC request, an attacker could overflow the
buffer and execute arbitrary code.
},
'Author' => [ 'MC' ],
'Lice
No writeups or analysis indexed.
2010-06-28
Published