CVE-2006-1347

gCards < 1.45 - SQL Injection via Username Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1347. PoCs published by rgod.

AI-analyzed exploit summary: This exploit demonstrates two vulnerabilities in gCards <= 1.45: arbitrary local file inclusion via the 'setLang' parameter and SQL injection for admin authentication bypass. It allows remote command execution by injecting PHP code into log files or bypassing authentication to upload malicious files.

Description

SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by rgod · php · webapps · php
https://www.exploit-db.com/exploits/1595

Classification: Working PoC 100%
Attack Type: RCE | SQLi | Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: gCards <= 1.45
No auth needed
Prerequisites: Target must have gCards <= 1.45 installed · For action 1: Log files must be writable and accessible via path traversal · For action 2: magic_quotes_gpc must be Off
devstral-2 · analyzed Feb 18, 2026

References (7)

Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/1595
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24017
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19322
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1015
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17165
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25344
Various Sources mailing-list x_refsource_vim
http://attrition.org/pipermail/vim/2006-April/000698.html

Scores

EPSS 0.0263
EPSS Percentile 83.5%

Details

Status published
Products (3)
greg_neustaetter/gcards 1.43
greg_neustaetter/gcards 1.44
greg_neustaetter/gcards < 1.45
Published Mar 22, 2006
Tracked Since Feb 18, 2026