CVE-2006-6859

Website Designs For Less Click N' Print Coupons < 2005-01-00 - SQL Injection via coupon_detail.asp key Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6859. PoCs published by ajann.

AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Click N' Print Coupons <= V2005.01 via the 'key' parameter in coupon_detail.asp. It retrieves admin credentials by injecting a UNION-based SQL query.

Description

SQL injection vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons 2005.01 and earlier allows remote attackers to execute arbitrary SQL commands via the key parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ajann · perlwebappsasp

https://www.exploit-db.com/exploits/3048

View Code ZIP pw:eip

This Perl script exploits a SQL injection vulnerability in Click N' Print Coupons <= V2005.01 via the 'key' parameter in coupon_detail.asp. It retrieves admin credentials by injecting a UNION-based SQL query.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Click N' Print Coupons <= V2005.01

No auth needed

Prerequisites: Target URL with vulnerable coupon_detail.asp endpoint

MITRE ATT&CK