Description
SQL injection vulnerability in kommentare.php in Creative Files 1.2 allows remote attackers to execute arbitrary SQL commands via the dlid parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mehmet Ince · textwebappsphp
https://www.exploit-db.com/exploits/3498
References (4)
Core 4
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/3498
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23000
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33021
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/33747
Scores
EPSS
0.0045
EPSS Percentile
63.9%
Details
Status
published
Products (1)
thecreativeheads.de/creative_files
1.2
Published
Mar 21, 2007
Tracked Since
Feb 18, 2026