CVE-2006-2268
FlexCustomer <= 0.0.6 - SQL Injection via checkuser/checkpass or username/password Parameters
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2268. PoCs published by Osirys.
AI-analyzed exploit summary
This exploit demonstrates an SQL injection vulnerability in FlexCustomer's admin login and a potential PHP code injection via an install.php file that was not removed after installation. The SQLi allows admin login bypass using a trivial payload, while the PHP injection could lead to RCE if the install file is accessible.
Description
SQL injection vulnerability in FlexCustomer 0.0.4 and earlier allows remote attackers to bypass authentication and execute arbitrary SQL commands via the admin and ordinary user interface, probably involving the (1) checkuser and (2) checkpass parameters to (a) admin/index.php, and (3) username and (4) password parameters to (b) index.php. NOTE: it was later reported that 0.0.6 is also affected.
Exploits (1)
This exploit demonstrates an SQL injection vulnerability in FlexCustomer's admin login and a potential PHP code injection via an install.php file that was not removed after installation. The SQLi allows admin login bypass using a trivial payload, while the PHP injection could lead to RCE if the install file is accessible.