CVE-2007-0951

Fullaspsite ASP Hosting Site - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0951. PoCs published by ShaFuck31.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in Fullaspsite Shop, where the 'cat' parameter in 'listmain.asp' is not properly sanitized. It lacks actual exploit code but outlines the vulnerability and potential impact.

Description

SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to execute arbitrary SQL commands via the cat parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by ShaFuck31 · textwebappsasp

https://www.exploit-db.com/exploits/29601

View Code ZIP pw:eip

The provided text describes an SQL injection vulnerability in Fullaspsite Shop, where the 'cat' parameter in 'listmain.asp' is not properly sanitized. It lacks actual exploit code but outlines the vulnerability and potential impact.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: Fullaspsite Shop

No auth needed

Prerequisites: Access to the vulnerable endpoint

MITRE ATT&CK