CVE-2007-1931

Smodcms < 2.10 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ssid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kacper · phpwebappsphp

https://www.exploit-db.com/exploits/3679

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33477

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3679

[Third Party Advisory, VDB Entry] http://osvdb.org/37395

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/1299

Scores

EPSS 0.0068

EPSS Percentile 71.6%

Details

Status published

Products (1)

smodcms/smodcms < 2.10

Published Apr 10, 2007

Tracked Since Feb 18, 2026