CVE-2006-4524

Digiappz Freekot - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC VERIFIED

by R3d-D3V!L · textwebappsasp

https://www.exploit-db.com/exploits/10496

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by FarhadKey · htmlwebappsasp

https://www.exploit-db.com/exploits/28443

View Code ZIP pw:eip

References (7)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/444752/100/0/threaded

[Various Sources] http://www.kapda.ir/attach-1996-xpl_freekot.htm

[Vendor Advisory] http://secunia.com/advisories/21669

[Vendor Advisory] http://www.kapda.ir/advisory-410.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/28672

[Third Party Advisory] http://securityreason.com/securityalert/1488

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/19768

Scores

EPSS 0.0284

EPSS Percentile 86.2%

Details

Status published

Products (2)

digiappz/freekot

digiappz/freekot 1.01

Published Sep 01, 2006

Tracked Since Feb 18, 2026