CVE-2007-2971

gCards < 1.46 - SQL Injection via NewsID Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2971. PoCs published by Silentz.

AI-analyzed exploit summary This exploit targets gCards <= 1.46, leveraging SQL injection to retrieve admin credentials and achieve remote code execution by uploading a malicious PHP shell. It includes authentication bypass and command execution capabilities.

Description

SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Silentz · phpwebappsphp

https://www.exploit-db.com/exploits/3988

View Code ZIP pw:eip

This exploit targets gCards <= 1.46, leveraging SQL injection to retrieve admin credentials and achieve remote code execution by uploading a malicious PHP shell. It includes authentication bypass and command execution capabilities.

Classification

Working Poc 95%

Attack Type

Rce | Sqli | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: gCards <= 1.46

No auth needed

Prerequisites: Network access to the target · gCards installation with vulnerable version

MITRE ATT&CK