EXPLOITDB-EDB-14465

EXPLOITDB text VERIFIED WORKING POC

Exploit for CVE-2010-2926 - sNews 1.7 - SQL Injection

AI Analysis

This exploit demonstrates a SQL injection vulnerability in sNews v1.7 via the 'category' parameter. The provided URL manipulates the parameter to extract database version information through a UNION-based SQL injection.

Attack Type

SQLi

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/14465

Authors

CoBRa_21

Vulnerability

CVE-2010-2926

sNews 1.7 - SQL Injection