CVE-2008-0469
Tiger Php News System < 1.0b - SQL Injection via catid Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-0469. PoCs published by 0in.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Tiger PHP News System. The PoC uses a crafted URL to extract password hashes from the 'user' table via a UNION-based SQL injection.
Description
SQL injection vulnerability in index.php in Tiger Php News System (TPNS) 1.0b and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter in a newscat action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by 0in · textwebappsphp
https://www.exploit-db.com/exploits/4984
This exploit demonstrates a SQL injection vulnerability in Tiger PHP News System. The PoC uses a crafted URL to extract password hashes from the 'user' table via a UNION-based SQL injection.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Tiger PHP News System
No auth needed
Prerequisites:
Target application must be accessible · SQL injection vulnerability must be present in the 'catid' parameter
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (7)
Core 7
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0312
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/4984
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39908
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27445
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/486961/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28641
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3587
Scores
EPSS
0.0123
EPSS Percentile
65.2%
Details
CWE
CWE-89
Status
published
Products (1)
tiger_php_news_system/tiger_php_news_system
< 1.0b
Published
Jan 29, 2008
Tracked Since
Feb 18, 2026