CVE-2007-2538

RunCms < 1.5.2 - SQL Injection via executed_queries Array Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2538. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in RunCms <= 1.5.2 via the debug_show.php file, allowing unauthenticated credential disclosure. It uses a blind SQL injection technique to extract the admin username and password hash.

Description

SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the executed_queries array parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/3850

View Code ZIP pw:eip

This exploit targets a SQL injection vulnerability in RunCms <= 1.5.2 via the debug_show.php file, allowing unauthenticated credential disclosure. It uses a blind SQL injection technique to extract the admin username and password hash.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: RunCms <= 1.5.2

No auth needed

Prerequisites: Target must be running RunCms <= 1.5.2 · Debug functionality must be accessible

MITRE ATT&CK