CVE-2007-4210

Exploitation Summary

EIP tracks 4 public exploits for CVE-2007-4210. PoCs published by k1tk4t.

AI-analyzed exploit summary This exploit demonstrates SQL injection vulnerabilities in la-nai CMS v1.2.14, specifically in the FAQ, EZSHOPINGCART, and GALLERY modules. It bypasses authentication by injecting SQL queries to extract user credentials from the database.

Description

Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the gid parameter in a view action in the GALLERY Modules.

Exploits (4)

exploitdb WORKING POC VERIFIED

by k1tk4t · textwebappsphp

https://www.exploit-db.com/exploits/4258

View Code ZIP pw:eip

This exploit demonstrates SQL injection vulnerabilities in la-nai CMS v1.2.14, specifically in the FAQ, EZSHOPINGCART, and GALLERY modules. It bypasses authentication by injecting SQL queries to extract user credentials from the database.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: la-nai CMS v1.2.14

No auth needed

Prerequisites: magic_quotes_gpc must be off · target must be using la-nai CMS v1.2.14

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by k1tk4t · textwebappsphp

https://www.exploit-db.com/exploits/30450

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in LANAI CMS by manipulating the 'gid' parameter in a URL to extract user credentials from the database. The payload uses UNION-based SQLi to retrieve data from the 'tbl_ln_user' table.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: LANAI CMS 1.2.14

No auth needed

Prerequisites: Access to the vulnerable LANAI CMS instance

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by k1tk4t · textwebappsphp

https://www.exploit-db.com/exploits/30448

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in LANAI CMS by injecting a UNION-based SQL query to extract user credentials from the database. The PoC manipulates the 'mid' parameter in the URL to bypass authentication and retrieve sensitive data.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: LANAI CMS 1.2.14

No auth needed

Prerequisites: Access to the vulnerable LANAI CMS instance · SQL injection vulnerability in the 'mid' parameter

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by k1tk4t · textwebappsphp

https://www.exploit-db.com/exploits/30449

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in LANAI CMS by manipulating the 'cid' parameter in a URL to extract user credentials via a UNION-based attack. The payload bypasses authentication and retrieves login-password pairs from the database.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: LANAI CMS 1.2.14

No auth needed

Prerequisites: Access to the vulnerable LANAI CMS instance · SQL injection vulnerability in the 'cid' parameter

MITRE ATT&CK