CVE-2015-1372
published 2015-01-27CVE-2015-1372: SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to…
PriorityP348high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.36%
81.6th percentile
SQL injection vulnerability in ferretCMS 1.0.4-alpha allows remote attackers to execute arbitrary SQL commands via the p parameter in an update action to admin.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ferretcms_project | ferretcms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
pdfium - CPDF_Function::Call Stack Buffer Overflow
exploitdb·2016-01-04
CVE-2015-6787 pdfium - CPDF_Function::Call Stack Buffer Overflow
pdfium - CPDF_Function::Call Stack Buffer Overflow
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=612
The following crash was encountered in pdfium (the Chrome PDF renderer) during PDF fuzzing:
--- cut ---
$ ./pdfium_test asan_stack-oob_b9a750_1372_52559cc9c86b4bc0fb43218c7f69c5c8
Rendering PDF file asan_stack-oob_b9a750_1372_52559cc9c86b4bc0fb43218c7f69c5c8.
Non-linearized path...
==22207==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc8b7edb84 at pc 0x000000d6f064 bp 0x7ffc8b7ed8c0 sp 0x7ffc8b7ed8b8
READ of size 4 at 0x7ffc8b7edb84 thread T0
#0 0xd6f063 in CPDF_Function::Call(float*, int, float*, int&) const core/src/fpdfapi/fpdf_page/fpdf_page_func.cpp:896:9
#1 0xd6ecd2 in CPDF_StitchFunc::v_Call(float*, float*) const core/src/fpdfap
Exploit-DB
ferretCMS 1.0.4-alpha - Multiple Vulnerabilities
exploitdb·2015-01-26
CVE-2015-1374 ferretCMS 1.0.4-alpha - Multiple Vulnerabilities
ferretCMS 1.0.4-alpha - Multiple Vulnerabilities
---
Advisory:
Advisory ID: SROEADV-2015-10
Author: Steffen Rösemann
Affected Software: ferretCMS v. 1.0.4-alpha
Vendor URL: https://github.com/JRogaishio/ferretCMS
Vendor Status: vendor will patch eventually
CVE-ID: -
Tested on:
- Firefox 35, Iceweasel 31
- Mac OS X 10.10, Kali Linux 1.0.9a
Vulnerability Description:
The content management system ferretCMS v.1.0.4, which is currently in
alpha development stage, suffers from multiple stored/reflecting XSS- and
SQLi-vulnerabilities in its administrative backend.
Moreover, there exists the possibility to upload arbitrary files via the
administrative backend, which can be executed by unauthenticated users, too.
Technical Details:
A reflecting XSS vulnerability can be found in the paramet
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2015/Jan/98http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-10.htmlhttp://www.openwall.com/lists/oss-security/2015/01/23/3http://www.securityfocus.com/bid/72287https://github.com/JRogaishio/ferretCMS/issues/63http://seclists.org/fulldisclosure/2015/Jan/98http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-10.htmlhttp://www.openwall.com/lists/oss-security/2015/01/23/3http://www.securityfocus.com/bid/72287https://github.com/JRogaishio/ferretCMS/issues/63
2015-01-27
Published