CVE-2006-2889

Pixelpost < 1.5_rc1 - SQL Injection via Category or Archivedate Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2889. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets Pixelpost <= 1.5rc1-2, leveraging SQL injection vulnerabilities in the 'category' and 'archivedate' parameters to extract admin credentials and bypass authentication. It then constructs an admin cookie for privilege escalation and command execution via file upload.

Description

Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and earlier allow remote attackers to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1868

View Code ZIP pw:eip

This exploit targets Pixelpost <= 1.5rc1-2, leveraging SQL injection vulnerabilities in the 'category' and 'archivedate' parameters to extract admin credentials and bypass authentication. It then constructs an admin cookie for privilege escalation and command execution via file upload.

Classification

Working Poc 95%

Attack Type

Sqli | Auth Bypass | Rce

Complexity

Moderate

Reliability

Reliable

Target: Pixelpost <= 1.5rc1-2

No auth needed

Prerequisites: magic_quotes_gpc=Off · register_globals=On (for auth bypass) · network access to target

MITRE ATT&CK