Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-2143. PoCs published by khoaimi.
AI-analyzed exploit summary The exploit demonstrates SQL injection in the ReMOSitory module for Mambo CMS via the 'filecatid' parameter. It allows an attacker to extract sensitive information, such as administrator password hashes, by manipulating the SQL query.
Description
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
Exploits (1)
The exploit demonstrates SQL injection in the ReMOSitory module for Mambo CMS via the 'filecatid' parameter. It allows an attacker to extract sensitive information, such as administrator password hashes, by manipulating the SQL query.