CVE-2007-0575

AdMentor - SQL Injection via Administrative Login Userid and Password Fields

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0575. PoCs published by Cr@zy_King.

AI-analyzed exploit summary This is a working proof-of-concept for an SQL injection vulnerability in AdMentor admin login. It demonstrates an authentication bypass by injecting SQL code into the username and password fields.

Description

Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Cr@zy_King · htmlwebappsasp
https://www.exploit-db.com/exploits/29533

This is a working proof-of-concept for an SQL injection vulnerability in AdMentor admin login. It demonstrates an authentication bypass by injecting SQL code into the username and password fields.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: AdMentor (version not specified)
No auth needed
Prerequisites: Access to the AdMentor admin login page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/460632/100/100/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2207
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31908
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/458303/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22281

Scores

EPSS 0.0118
EPSS Percentile 63.5%

Details

Status published
Products (1)
stefan_holmberg/admentor
Published Jan 30, 2007
Tracked Since Feb 18, 2026