Published: 02/03/2010 Updated: 03/03/2010

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 756

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Board, allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
aleinbeen \\(nv2\\)_awards 1.1.0

################################################# + + Author: fred777 - [fred777de] + Link: forumsinvisionizecom/nv2-Awards-120-t137847html + Vuln: indexphp?autocom=awards&do=view&id=1 + Greetzz to: Back2hackcc + Contact: nebelfrost77@googlemailcom + ############################################### ...

RTF_11882_0802 CVE-2017-11882 CVE-2017-11882: portalmsrcmicrosoftcom/en-US/security-guidance/advisory/CVE-2017-11882 MITRE CVE-2017-11882: cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2017-11882 Research: embedicom/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about Patch analysis: 0patchblogspotru/2017/11/did-microsoft-just-man

PoC for CVE-2018-0802 And CVE-2017-11882

RTF_11882_0802 CVE-2017-11882 CVE-2017-11882: portalmsrcmicrosoftcom/en-US/security-guidance/advisory/CVE-2017-11882 MITRE CVE-2017-11882: cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2017-11882 Research: embedicom/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about Patch analysis: 0patchblogspotru/2017/11/did-microsoft-just-man

CWE-89 http://www.exploit-db.com/exploits/11297 http://packetstormsecurity.org/1001-exploits/ipbawards-sql.txt http://secunia.com/advisories/38407 https://nvd.nist.gov https://www.exploit-db.com/exploits/11297/https://github.com/Ridter/RTF_11882_0802

CVE-2010-0802

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect