CVE-2007-1019

webSPELL 4.01.02 - SQL Injection via showonly Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1019. PoCs published by DNX.

AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in webSPELL v4.01.02 via the unquoted 'showonly' parameter in news.php. It performs a blind SQL injection to extract the MD5 hash of a user's password by brute-forcing each character.

Description

SQL injection vulnerability in news.php in webSPELL 4.01.02, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DNX · perlwebappsphp

https://www.exploit-db.com/exploits/3325

View Code ZIP pw:eip

This exploit targets a SQL injection vulnerability in webSPELL v4.01.02 via the unquoted 'showonly' parameter in news.php. It performs a blind SQL injection to extract the MD5 hash of a user's password by brute-forcing each character.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: webSPELL v4.01.02

No auth needed

Prerequisites: register_globals = on · target must be running webSPELL v4.01.02

MITRE ATT&CK