CVE-2001-0418

NCM Content Management System - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0418. PoCs published by RA-Soft Security.

AI-analyzed exploit summary The exploit describes a SQL injection vulnerability in NCM Content Management System's content.pl script, allowing arbitrary SQL queries via improper input validation. It includes example URLs demonstrating the injection technique.

Description

content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by RA-Soft Security · textremotecgi
https://www.exploit-db.com/exploits/20752

The exploit describes a SQL injection vulnerability in NCM Content Management System's content.pl script, allowing arbitrary SQL queries via improper input validation. It includes example URLs demonstrating the injection technique.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: NCM Content Management System
No auth needed
Prerequisites: Access to the target URL
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-04/0223.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2584

Scores

EPSS 0.0277
EPSS Percentile 84.6%

Details

Status published
Products (1)
ncm/ncm_content_management_system
Published Jul 02, 2001
Tracked Since Feb 18, 2026