CVE-2007-6576

Adult Script <1.6.5 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6576. PoCs published by MhZ91.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Adult Script, allowing an attacker to extract admin credentials (username, password, and email) via a UNION-based SQLi attack. The PoC provides direct URLs to exploit the vulnerability in vulnerable endpoints.

Description

Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by MhZ91 · textwebappsphp

https://www.exploit-db.com/exploits/4775

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in Adult Script, allowing an attacker to extract admin credentials (username, password, and email) via a UNION-based SQLi attack. The PoC provides direct URLs to exploit the vulnerability in vulnerable endpoints.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Adult Script (version not specified)

No auth needed

Prerequisites: A vulnerable instance of Adult Script · Access to the target URLs

MITRE ATT&CK