CVE-2010-2684
published 2010-07-12CVE-2010-2684: SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.19%
64.0th percentile
SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SERVER HP LaserJet Printer Cross Site Scripting Attempt
suricata·2010-07-30
CVE-2009-2684 ET WEB_SERVER HP LaserJet Printer Cross Site Scripting Attempt
ET WEB_SERVER HP LaserJet Printer Cross Site Scripting Attempt
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER HP LaserJet Printer Cross Site Scripting Attempt"; flow:established,to_server; http.uri; content:"/support_param.html/config"; nocase; content:"Admin_Name=&Admin_Phone="; nocase; content:"Product_URL="; nocase; pcre:"/(script|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange).+Apply\x3DApply/i"; reference:url,dsecrg.com/pages/vul/show.php?id=148; reference:cve,2009-2684; classtype:web-application-attack; sid:2010919; rev:6; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, cve CVE_2009_2684, deployment Datacenter, signature_severity Maj
No writeups or analysis indexed.
http://osvdb.org/65830http://packetstormsecurity.org/1006-exploits/pagedirector-sqladdadmin.txthttp://secunia.com/advisories/40367http://www.exploit-db.com/exploits/14089http://www.securityfocus.com/bid/41184http://www.vupen.com/english/advisories/2010/1633https://exchange.xforce.ibmcloud.com/vulnerabilities/59844http://osvdb.org/65830http://packetstormsecurity.org/1006-exploits/pagedirector-sqladdadmin.txthttp://secunia.com/advisories/40367http://www.exploit-db.com/exploits/14089http://www.securityfocus.com/bid/41184http://www.vupen.com/english/advisories/2010/1633https://exchange.xforce.ibmcloud.com/vulnerabilities/59844
2010-07-12
Published