CVE-2010-4847
published 2011-09-27CVE-2010-4847: SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.18%
63.8th percentile
SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
MHP Downloadshop - SQL Injection
exploitdb·2010-12-17
CVE-2010-4847 MHP Downloadshop - SQL Injection
MHP Downloadshop - SQL Injection
---
----------------------------Information------------------------------------------------
+Name : MHP Downloadshop <= SQL injection Vulnerability Proof of Concept
+Autor : Easy Laster
+Date : 17.12.2010
+Script : MHP Downloadshop
+Demo :http://wp1072278.vwp3485.webpack.hosteurope.de/demoserver/Download-Shop/
+Download : ----
+Price : 19,90
+Language : PHP
+Discovered by Easy Laster
+Security Group 4004-Security-Project.com
+Greetz to Team-Internet ,Underground Agents and free-hack.com
+And all Friends of Cyberlive : R!p,Eddy14,Silent Vapor,Nolok,
Kiba,-tmh-,Dr.ChAoS,HANN!BAL,Kabel,-=Player=-,Lidloses_Auge,
N00bor,Ic3Drag0n,novaca!ne,n3w7u,Maverick010101,s0red,c1ox,enco.
___ ___ ___ ___ _ _ _____ _ _
| | | | | | |___ ___ ___ ___ _ _ ___|_| |_ _ _ ___
Exploit-DB
Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
exploitdb·2010-04-30
CVE-2006-4847 Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
---
##
# $Id: wsftp_server_505_xmd5.rb 9179 2010-04-30 08:40:19Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Ipswitch WS_FTP Server 5.05 XMD5 Overflow',
'Description' => %q{
This module exploits a buffer overflow in the XMD5 verb in
IPSWITCH WS_FTP Server 5.05.
},
'Author' => 'MC',
'License' => MSF_LICENSE,
'Version' => '$Revision: 9179 $',
'References' =>
[
[ 'CVE', '2006-4847' ],
[ 'OSVDB', '28939' ],
[ 'BID', '20076' ],
],
'Privileged' => false,
'Payload' =>
{
'Space' =
No writeups or analysis indexed.
http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txthttp://secunia.com/advisories/42675http://securityreason.com/securityalert/8397http://www.exploit-db.com/exploits/15756http://www.securityfocus.com/bid/45474https://exchange.xforce.ibmcloud.com/vulnerabilities/64193http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txthttp://secunia.com/advisories/42675http://securityreason.com/securityalert/8397http://www.exploit-db.com/exploits/15756http://www.securityfocus.com/bid/45474https://exchange.xforce.ibmcloud.com/vulnerabilities/64193
2011-09-27
Published