CVE-2007-4918

Gelatocms - SQL Injection

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4918. PoCs published by s0cratex.

AI-analyzed exploit summary This PHP script exploits a SQL injection vulnerability in Gelato CMS by injecting a UNION-based query to extract user credentials (username and MD5 password hash) from the database. It interacts with the target via HTTP and parses the response to display the leaked data.

Description

SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by s0cratex · phpwebappsphp

https://www.exploit-db.com/exploits/4410

View Code ZIP pw:eip

This PHP script exploits a SQL injection vulnerability in Gelato CMS by injecting a UNION-based query to extract user credentials (username and MD5 password hash) from the database. It interacts with the target via HTTP and parses the response to display the leaked data.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Gelato CMS (version unspecified)

No auth needed

Prerequisites: Target must be running Gelato CMS with vulnerable SQL query handling · Network access to the target web server

MITRE ATT&CK