Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-1517. PoCs published by WiLdBoY.
AI-analyzed exploit summary This is a SQL injection exploit targeting WSN Guestbook 1.21 via the 'id' parameter in comments.php. It demonstrates a UNION-based SQLi to extract user credentials from the database.
Description
SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by WiLdBoY · htmlwebappsphp
https://www.exploit-db.com/exploits/3477
This is a SQL injection exploit targeting WSN Guestbook 1.21 via the 'id' parameter in comments.php. It demonstrates a UNION-based SQLi to extract user credentials from the database.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
WSN Guestbook 1.21
No auth needed
Prerequisites:
Target must be running WSN Guestbook 1.21 or 1.02 · comments.php must be accessible
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22969
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32983
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/3477
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462814/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2451
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/34512
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0968
Scores
EPSS
0.0126
EPSS Percentile
65.7%
Details
Status
published
Products (1)
paul_knierim/wsn_guest
1.21
Published
Mar 20, 2007
Tracked Since
Feb 18, 2026