CVE-2006-1778

simplog < 0.9.2 - SQL Injection via Multiple Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1778. PoCs published by rgod.

AI-analyzed exploit summary This exploit leverages a file inclusion vulnerability in Simplog <= 0.9.2 by injecting a remote URL via the 's' parameter, leading to remote command execution. The script sends a crafted HTTP request with the malicious payload embedded in cookies.

Description

Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) blogid parameter in (a) index.php and (b) archive.php, the (2) m and (3) y parameters in archive.php, and the (4) sql parameter in (c) server.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1663

View Code ZIP pw:eip

This exploit leverages a file inclusion vulnerability in Simplog <= 0.9.2 by injecting a remote URL via the 's' parameter, leading to remote command execution. The script sends a crafted HTTP request with the malicious payload embedded in cookies.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Simplog <= 0.9.2

No auth needed

Prerequisites: allow_url_fopen enabled on the target server · remote server hosting the malicious PHP code

MITRE ATT&CK