Menu

Search for hundreds of thousands of exploits

"CitrusDB 0.3.6 - 'importcc.php' CSV File SQL Injection"

Author

Exploit author

"RedTeam Pentesting"

Platform

Exploit platform

php

Release date

Exploit published date

2005-02-15

Download file

1
2
3
4
5
6
7
8
source: https://www.securityfocus.com/bid/12557/info
  
CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the application fails to verify user credentials during file upload and import.
  
These issues are reported to affect CitrusDB 0.3.6; earlier versions may also be affected.

THe following proof of concept demonstrates the SQL injection vulnerability:
Reportedly supplying ',,,,, as the contents of the uploaded csv file will make the SQL query in './citrusdb/tools/importcc.php' fail.
Release Date Title Type Platform Author
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
Release Date Title Type Platform Author
2020-12-02 "WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting" webapps php "Hemant Patidar"
2020-12-02 "WordPress Plugin Wp-FileManager 6.8 - RCE" webapps php "Mansoor R"
2020-12-02 "WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution" webapps php zetc0de
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover" webapps php "Mufaddal Masalawala"
2020-12-02 "Simple College Website 1.0 - 'page' Local File Inclusion" webapps php Mosaaed
2020-12-02 "Car Rental Management System 1.0 - SQL Injection / Local File include" webapps php Mosaaed
2020-12-02 "Pharmacy Store Management System 1.0 - 'id' SQL Injection" webapps php "Aydın Baran Ertemir"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "WonderCMS 3.1.3 - Authenticated Remote Code Execution" webapps php zetc0de
2020-12-01 "Multi Restaurant Table Reservation System 1.0 - Multiple Persistent XSS" webapps php yunaranyancat
Release Date Title Type Platform Author
2019-01-25 "Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection" webapps hardware "RedTeam Pentesting"
2018-04-09 "CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure" dos linux "RedTeam Pentesting"
2018-04-09 "CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution" webapps json "RedTeam Pentesting"
2017-11-03 "Ladon Framework for Python 0.9.40 - XML External Entity Expansion" webapps xml "RedTeam Pentesting"
2017-07-24 "REDDOXX Appliance Build 2032 / 2.0.625 - Arbitrary File Disclosure" webapps json "RedTeam Pentesting"
2017-07-24 "REDDOXX Appliance Build 2032 / 2.0.625 - Remote Command Execution" webapps json "RedTeam Pentesting"
2016-01-07 "AVM FRITZ!Box < 6.30 - Remote Buffer Overflow" remote hardware "RedTeam Pentesting"
2015-06-16 "TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection" webapps php "RedTeam Pentesting"
2015-06-10 "Alcatel-Lucent OmniSwitch - Cross-Site Request Forgery" webapps hardware "RedTeam Pentesting"
2015-02-11 "IBM Endpoint Manager - Persistent Cross-Site Scripting" webapps cgi "RedTeam Pentesting"
2014-12-02 "TYPO3 Extension ke DomPDF - Remote Code Execution" webapps php "RedTeam Pentesting"
2014-12-02 "EntryPass N5200 - Credentials Exposure" webapps hardware "RedTeam Pentesting"
2014-06-27 "Python CGIHTTPServer - Encoded Directory Traversal" webapps multiple "RedTeam Pentesting"
2014-06-27 "Endeca Latitude 2.2.2 - Cross-Site Request Forgery" webapps multiple "RedTeam Pentesting"
2014-06-09 "DevExpress ASPxFileManager 10.2 < 13.2.8 - Directory Traversal" webapps asp "RedTeam Pentesting"
2012-05-02 "PHP-decoda - 'Video Tag' Cross-Site Scripting" webapps php "RedTeam Pentesting"
2011-05-04 "ZyWALL USG Appliance - Multiple Vulnerabilities" remote hardware "RedTeam Pentesting"
2009-12-21 "TLS - Renegotiation" remote multiple "RedTeam Pentesting"
2009-08-10 "Papoo CMS 3.7.3 - (Authenticated) Arbitrary Code Execution" webapps php "RedTeam Pentesting"
2009-05-05 "IceWarp Merak Mail Server 9.4.1 Groupware Component - Multiple SQL Injections" webapps php "RedTeam Pentesting"
2008-03-11 "Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution" webapps php "RedTeam Pentesting"
2008-03-11 "Mapbender 2.4.4 - 'gaz' SQL Injection" webapps php "RedTeam Pentesting"
2007-07-13 "ActiveWeb Contentserver 5.6.2929 - 'Picture_Real_Edit.asp' SQL Injection" webapps asp "RedTeam Pentesting"
2007-07-13 "ActiveWeb Contentserver CMS 5.6.2929 - Client-Side Filtering Bypass" webapps php "RedTeam Pentesting"
2007-07-13 "contentserver 5.6.2929 - '/errors/rights.asp?msg' Cross-Site Scripting" webapps asp "RedTeam Pentesting"
2007-07-13 "contentserver 5.6.2929 - '/errors/transaction.asp?msg' Cross-Site Scripting" webapps asp "RedTeam Pentesting"
2006-05-22 "Prodder 0.4 - Arbitrary Shell Command Execution" remote linux "RedTeam Pentesting"
2005-02-15 "CitrusDB 0.3.6 - 'importcc.php' CSV File SQL Injection" webapps php "RedTeam Pentesting"
2005-02-15 "CitrusDB 0.3.6 - 'importcc.php' Arbitrary Database Injection" webapps php "RedTeam Pentesting"
2005-02-15 "CitrusDB 0.3.6 - Arbitrary Local PHP File Inclusion" webapps php "RedTeam Pentesting" 
import requests
response = requests.get('http://127.0.0.1:8181?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher Protocols Sigalg Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host WAF detected