CVE-2006-0879

Noah's Classifieds 1.3 - SQL Injection via Search Tool

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0879. PoCs published by trueend5.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in Noah's Classifieds, allowing an attacker to dump user credentials into a file. The attack leverages improper input sanitization in the search field to execute a UNION-based SQL query.

Description

SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by trueend5 · textwebappsphp

https://www.exploit-db.com/exploits/27260

View Code ZIP pw:eip

This exploit demonstrates an SQL injection vulnerability in Noah's Classifieds, allowing an attacker to dump user credentials into a file. The attack leverages improper input sanitization in the search field to execute a UNION-based SQL query.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Noah's Classifieds

No auth needed

Prerequisites: MySQL user with file permissions · knowledge of installation path

MITRE ATT&CK