CVE-2002-0554
IBM Informix Web DataBlade 4.12 - SQL Injection via HTTP Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-0554. PoCs published by Simon Lodal.
AI-analyzed exploit summary This exploit demonstrates SQL injection in Informix Web Datablade by injecting a UNION-based query to read arbitrary files (e.g., /etc/passwd) via the FileToClob function. The attack leverages improper input sanitization in dynamically generated HTML content.
Description
webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request.
Exploits (1)
This exploit demonstrates SQL injection in Informix Web Datablade by injecting a UNION-based query to read arbitrary files (e.g., /etc/passwd) via the FileToClob function. The attack leverages improper input sanitization in dynamically generated HTML content.