CVE-2008-0253

Binn SBuilder - SQL Injection via full_text.php nid Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0253. PoCs published by JosS.

AI-analyzed exploit summary This is a detailed writeup describing a blind SQL injection vulnerability in Binn SBuilder. It provides examples of how to exploit the vulnerability to check for table existence, column counts, and column names, but does not include executable exploit code.

Description

SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by JosS · textwebappsphp
https://www.exploit-db.com/exploits/4904

This is a detailed writeup describing a blind SQL injection vulnerability in Binn SBuilder. It provides examples of how to exploit the vulnerability to check for table existence, column counts, and column names, but does not include executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Binn SBuilder
No auth needed
Prerequisites: Access to the vulnerable endpoint · Knowledge of SQL injection techniques
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/486265/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27264
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39634
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4904

Scores

EPSS 0.0097
EPSS Percentile 57.1%

Details

CWE
CWE-89
Status published
Products (1)
binn/sbuilder
Published Jan 15, 2008
Tracked Since Feb 18, 2026