CVE-2006-6577

Neocrome LDU <8 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in polls.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by ajann · textwebappsphp

https://www.exploit-db.com/exploits/2871

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by nukedx · textwebappsphp

https://www.exploit-db.com/exploits/2819

View Code ZIP pw:eip

References (4)

Core 4

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21366

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/30616

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/453134/100/200/threaded

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/2037

Scores

EPSS 0.0038

EPSS Percentile 59.7%

Details

Status published

Products (2)

neocrome/land_down_under 8.0

neocrome/seditio 1.10

Published Dec 15, 2006

Tracked Since Feb 18, 2026