CVE-2012-1911
Published: 2012-09-09
Priority: P3 · 45 · Severity: high · CVSS 2.0 base score 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: available (see Exploit-DB entries below)
EPSS: 1.23% (65.2nd percentile)
Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter to vcard.php. NOTE: the edit.php vector is already covered by CVE-2008-2565.
Affected
104 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chatelao | php_address_book | <= 6.2.11 | — |
No detection rules found.
Exploit-DB
McAfee Virtual Technician MVTControl 6.3.0.1911 - GetObject (Metasploit)
exploitdb · 2012-05-01 · CVE-2012-4598
---
```ruby
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 "McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability",
'Description' => %q{
This modules exploits a vulnerability found in McAfee Virtual Technician's
MVTControl. This ActiveX control can be abused by using the GetObject() function
to load additional unsafe classes such as WScript.Shell, therefore allowing remote
code execution under the context of the user.
},
'License' => MSF_LICENSE,
'Author' =>
[
'r
```
Exploit-DB
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX 'GetObject()' Code Execution
exploitdb · 2012-04-30 · CVE-2012-4598
---
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control
GetObject() Security Bypass Remote Code Execution Vulnerability
tested against:
- Microsoft Windows Vista SP2
- Microsoft Windows 2003 R2 SP2
- Internet Explorer 7/8/9
product homepage: http://www.mcafee.com/it/downloads/free-tools/virtual-technician.aspx
file tested: MVTInstaller.exe
background:
the mentioned product installs an ActiveX control with
the following settings:
Binary path: C:\Program Files\McAfee\Supportability\MVT\MVT.dll
ProgID: MVT.MVTControl.6300
CLSID: {2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF}
Implements IObjectSafety: Yes
Safe for Scripting (IObjectSafety): true
Safe for Initialization (IObjectSafety
Exploit-DB
PHP Address Book 6.2.12 - Multiple Vulnerabilities
exploitdb · 2012-03-10 · CVE-2012-2903
---
Advisory: PHP Address Book 6.2.12 Multiple security vulnerabilities
Advisory ID: SSCHADV2012-007
Author: Stefan Schurtz
Affected Software: Successfully tested on PHP Address Book 6.2.12
Vendor URL: http://sourceforge.net/projects/php-addressbook/
Vendor Status: informed
Vulnerability Description:
PHP Address Book 6.2.12 is prone to multiple XSS and SQL-Injection vulnerabilities.
PoC-Exploit:
```text
// (Blind) SQL-Injection
http://[target]/addressbook/edit.php?id=[sql-injection]
http://[target]/addressbook/group.php?add=Add to&group=1&selected%5b%5d=132&to_group=[sql-injection]
http://[target]/addressbook/vcard.php?id=[sql-injection]
// XSS
http://[target]/addressbook/preferences.php?from='"alert(document.cookie)
http://[target]/addressboo
```
No writeups or analysis indexed.
References:
- http://sourceforge.net/tracker/?func=detail&aid=3496653&group_id=157964&atid=805929
- http://sourceforge.net/tracker/?func=detail&aid=3501716&group_id=157964&atid=805929
- http://www.darksecurity.de/advisories/2012/SSCHADV2012-007.txt
- http://www.exploit-db.com/exploits/18578
- http://www.securityfocus.com/bid/52396
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73943