CVE-2007-6091

JiRo's Banner System/JUS 2.0 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6091. PoCs published by Aria-Security Team.

AI-analyzed exploit summary This exploit demonstrates SQL injection vulnerabilities in JiRo's Banner System 2.0 by providing proof-of-concept login credentials that bypass authentication. The payload manipulates SQL queries to achieve unauthorized access.

Description

Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote attackers to execute arbitrary SQL commands via the (1) Username (aka Login or Email) or (2) Password field.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Aria-Security Team · textwebappsasp
https://www.exploit-db.com/exploits/30775

This exploit demonstrates SQL injection vulnerabilities in JiRo's Banner System 2.0 by providing proof-of-concept login credentials that bypass authentication. The payload manipulates SQL queries to achieve unauthorized access.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: JiRo's Banner System 2.0
No auth needed
Prerequisites: Access to the login interface of JiRo's Banner System
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3384
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26479
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483859/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38740
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38741
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27713

Scores

EPSS 0.0226
EPSS Percentile 80.7%

Details

CWE
CWE-89
Status published
Products (1)
jiro/banner_system 2.0
Published Nov 22, 2007
Tracked Since Feb 18, 2026