CVE-2006-5676

EIP tracks 1 public exploit for CVE-2006-5676. PoCs published by ajann.

AI-analyzed exploit summary This is a functional ASP-based exploit for CVE-2006-5676, targeting a SQL injection vulnerability in Php League v0.82's classement.php. It crafts a malicious URL to extract user credentials (ID, admin status, username, and password) via a UNION-based SQL injection.

SQL injection vulnerability in consult/classement.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the champ parameter.