CVE-2006-3904

Etomite < 0.6.1 - SQL Injection via Username Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3904. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in Etomite CMS <= 0.6.1, allowing an attacker to disclose admin credentials by manipulating the 'username' parameter in the login process. It uses a UNION-based SQL injection to extract the database name, table prefix, and subsequently the admin username and password hash.

Description

SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/2071

View Code ZIP pw:eip

This exploit targets a SQL injection vulnerability in Etomite CMS <= 0.6.1, allowing an attacker to disclose admin credentials by manipulating the 'username' parameter in the login process. It uses a UNION-based SQL injection to extract the database name, table prefix, and subsequently the admin username and password hash.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Etomite CMS <= 0.6.1

No auth needed

Prerequisites: magic_quotes_gpc=Off · Network access to the target server

MITRE ATT&CK