EXPLOITDB-EDB-20393

EXPLOITDB python VERIFIED WORKING POC

Exploit for CVE-2012-10047 - Cyclope Employee Surveillance Solution 6.x - SQL Injection

AI Analysis

This exploit demonstrates SQL injection leading to remote code execution in Cyclope Employee Surveillance Solution v6.0. It leverages improper input sanitization in the login form's username parameter to write a PHP backdoor, enabling arbitrary command execution.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution T1505 - Server Software Component

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform windows

Language python

Files 1

https://www.exploit-db.com/exploits/20393

Authors

loneferret

Vulnerability

CVE-2012-10047

Cyclope Employee Surveillance Solution 6.x - SQL Injection