CVE-2003-0752

AttilaPHP < 3.0 - SQL Injection via cook_id Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0752. PoCs published by frog.

AI-analyzed exploit summary This is a writeup describing an SQL injection vulnerability in Attila PHP. The vulnerability allows an attacker to bypass user verification checks by manipulating the 'cook_id' parameter in a URI request.

Description

SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by frog · textwebappsphp

https://www.exploit-db.com/exploits/23064

View Code ZIP pw:eip

This is a writeup describing an SQL injection vulnerability in Attila PHP. The vulnerability allows an attacker to bypass user verification checks by manipulating the 'cook_id' parameter in a URI request.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: Attila PHP

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Vendor Advisory mailing-list x_refsource_vulnwatch

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0090.html

Scores

EPSS 0.0119

EPSS Percentile 63.9%

Details

Status published

Products (1)

attila-php.net/attilaphp < 3.0

Published Oct 20, 2003

Tracked Since Feb 18, 2026