CVE-2006-4524

Digiappz Freekot 1.01 - SQL Injection via Login or Password Parameters

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-4524. PoCs published by R3d-D3V!L, FarhadKey.

AI-analyzed exploit summary: This exploit demonstrates a simple SQL injection vulnerability in the login mechanism of the 'freekot' software by DigiAppz. The payload bypasses authentication by injecting a tautology into the SQL query.

Description

Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC VERIFIED
by R3d-D3V!L · text · webapps · asp
https://www.exploit-db.com/exploits/10496

This exploit demonstrates a simple SQL injection vulnerability in the login mechanism of the 'freekot' software by DigiAppz. The payload bypasses authentication by injecting a tautology into the SQL query.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: freekot (version not specified)
No auth needed
Prerequisites: Access to the login page of the vulnerable application
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by FarhadKey · html · webapps · asp
https://www.exploit-db.com/exploits/28443

This is a working proof-of-concept for an SQL injection vulnerability in Digiappz Freekot. It exploits insufficient input sanitization in the login mechanism to bypass authentication by injecting SQL conditions into the login and password fields.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Digiappz Freekot
No auth needed
Prerequisites: Access to the login page of the vulnerable application
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/444752/100/0/threaded
Various Sources x_refsource_misc
http://www.kapda.ir/attach-1996-xpl_freekot.htm
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21669
Vendor Advisory x_refsource_misc
http://www.kapda.ir/advisory-410.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28672
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1488
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19768

Scores

EPSS 0.0126
EPSS Percentile 65.7%

Details

Status published
Products (2)
digiappz/freekot
digiappz/freekot 1.01
Published Sep 01, 2006
Tracked Since Feb 18, 2026