CVE-2006-2857

LifeType 1.0.4 - SQL Injection via articleId Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2857. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in LifeType <= 1.0.4_r3270, allowing an attacker to disclose admin credentials by manipulating the 'articleId' parameter. It bypasses magic_quotes_gpc and retrieves the admin username and password hash via UNION-based SQLi.

Description

SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action (viewarticleaction.class.php).

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1874

View Code ZIP pw:eip

This exploit targets a SQL injection vulnerability in LifeType <= 1.0.4_r3270, allowing an attacker to disclose admin credentials by manipulating the 'articleId' parameter. It bypasses magic_quotes_gpc and retrieves the admin username and password hash via UNION-based SQLi.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: LifeType <= 1.0.4_r3270

Auth required

Prerequisites: Valid user account credentials · Target server running LifeType with vulnerable version

MITRE ATT&CK