CVE-2006-1569

RedCMS 0.1 - SQL Injection via Username or Password Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-1569. PoCs published by Aliaksandr Hartsuyeu.

AI-analyzed exploit summary: This exploit demonstrates a SQL injection vulnerability in RedCMS via the 'id' parameter in profile.php. The payload uses a UNION-based attack to extract data from the database.

Description

Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by Aliaksandr Hartsuyeu · text · webapps · php
https://www.exploit-db.com/exploits/27538

This exploit demonstrates a SQL injection vulnerability in RedCMS via the 'id' parameter in profile.php. The payload uses a UNION-based attack to extract data from the database.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: RedCMS (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable RedCMS profile.php endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC · VERIFIED
by Aliaksandr Hartsuyeu · text · webapps · php
https://www.exploit-db.com/exploits/27539

This exploit demonstrates an SQL injection vulnerability in RedCMS's login.php, allowing authentication bypass by injecting a malformed username. The payload ' or 1/* bypasses authentication by manipulating the SQL query logic.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: RedCMS (version unspecified)
No auth needed
Prerequisites: Access to the RedCMS login page
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431001/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17336
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1186
Various Sources x_refsource_misc
http://evuln.com/vulns/115/summary.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25578
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19475
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24297
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24298
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24299

Scores

EPSS 0.0188
EPSS Percentile 76.8%

Details

Status published
Products (1)
redcms/redcms 0.1
Published Apr 01, 2006
Tracked Since Feb 18, 2026