Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-0971. PoCs published by DarkFig.
AI-analyzed exploit summary: This exploit demonstrates a SQL injection vulnerability in Jupiter CMS 1.1.5 by injecting a malicious 'Client-IP' header to extract admin credentials. It uses a custom PHP class to craft HTTP requests and parse responses.
Description
Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other PHP scripts. NOTE: the attack vector might involve _SERVER.