CVE-2014-1459
published 2014-02-11CVE-2014-1459: SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands…
PriorityP340medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EXPLOIT
EPSS
2.27%
80.9th percentile
SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| doorgets | doorgets_cms | <= 5.2 | — |
| doorgets | doorgets_cms | — | — |
| doorgets | doorgets_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
exploitdb·2014-12-02·CVSS 4.3
CVE-2014-8800 [MEDIUM] WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
---
# Exploit Title: Nextend Facebook Connect 1.4.59 XSS
# Date: 16-10-2014
# Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek
# Software Link: https://downloads.wordpress.org/plugin/nextend-facebook-connect.1.4.59.zip
# Category: webapps
# CVE: CVE-2014-8800
1. Description
Anyone can change plugin settings.
File: nextend-facebook-connect\nextend-facebook-settings.php
if(isset($_POST['newfb_update_options'])) {
if($_POST['newfb_update_options'] == 'Y') {
foreach($_POST AS $k => $v){
$_POST[$k] = stripslashes($v);
}
update_option("nextend_fb_connect", maybe_serialize($_POST));
$newfb_status = 'update_success';
}
}
http://security.szurek.pl/nextend-facebook-connect-1459-xss
Exploit-DB
doorGets CMS 5.2 - SQL Injection
exploitdb·2014-02-07·CVSS 6.5
CVE-2014-1459 [MEDIUM] doorGets CMS 5.2 - SQL Injection
doorGets CMS 5.2 - SQL Injection
---
Advisory ID: HTB23197
Product: doorGets CMS
Vendor: doorGets
Vulnerable Version(s): 5.2 and probably prior
Tested Version: 5.2
Advisory Publication: January 15, 2014 [without technical details]
Vendor Notification: January 15, 2014
Vendor Patch: January 15, 2014
Public Disclosure: February 5, 2014
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2014-1459
Risk Level: Medium
CVSSv2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )
Advisory Details:
High-Tech Bridge Security Research Lab discovered vulnerability in doorGets CMS, which can be exploited to perform SQL Injection attacks.
1) SQL Injection in do
No writeups or analysis indexed.
http://packetstormsecurity.com/files/125078http://www.exploit-db.com/exploits/31521http://www.securityfocus.com/archive/1/530931/100/0/threadedhttp://www.securityfocus.com/bid/65439https://exchange.xforce.ibmcloud.com/vulnerabilities/90967https://github.com/doorgets/doorGets/commit/6b81541fc1e5dd1c70614585c1a04d04ccdb3b19https://www.htbridge.com/advisory/HTB23197http://packetstormsecurity.com/files/125078http://www.exploit-db.com/exploits/31521http://www.securityfocus.com/archive/1/530931/100/0/threadedhttp://www.securityfocus.com/bid/65439https://exchange.xforce.ibmcloud.com/vulnerabilities/90967https://github.com/doorgets/doorGets/commit/6b81541fc1e5dd1c70614585c1a04d04ccdb3b19https://www.htbridge.com/advisory/HTB23197
2014-02-11
Published