CVE-2006-5221
Cahier de texte 2.0 - SQL Injection via matiere_ID or classe_ID Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-5221. PoCs published by s4mi.
AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in Cahier de textes v2.0, extracting admin credentials via a crafted HTTP GET request. It leverages a UNION-based SQLi to dump usernames and passwords from the `cdt_prof` table.
Description
Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php.
Exploits (1)
This exploit targets a SQL injection vulnerability in Cahier de textes v2.0, extracting admin credentials via a crafted HTTP GET request. It leverages a UNION-based SQLi to dump usernames and passwords from the `cdt_prof` table.