CVE-2007-4106

CodeWidgets Pay Roll - Time Sheet and Punch Card App - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4106. PoCs published by Aria-Security Team.

AI-analyzed exploit summary This is a writeup describing an SQL injection vulnerability in Pay Roll - Time Sheet and Punch Card Application With Web Interface. It provides a basic example of exploiting the vulnerability using a simple SQLi payload in the password field.

Description

SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface allows remote attackers to execute arbitrary SQL commands via the Password parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Aria-Security Team · textwebappsasp

https://www.exploit-db.com/exploits/30427

View Code ZIP pw:eip

This is a writeup describing an SQL injection vulnerability in Pay Roll - Time Sheet and Punch Card Application With Web Interface. It provides a basic example of exploiting the vulnerability using a simple SQLi payload in the password field.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Pay Roll - Time Sheet and Punch Card Application With Web Interface

No auth needed

Prerequisites: Valid username (e.g., 'admin')

MITRE ATT&CK