CVE-2008-0685

iTechClassifieds 3.0 - SQL Injection via ViewCat.php CatID Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0685. PoCs published by Crackers_Child.

AI-analyzed exploit summary The provided text describes an input-validation vulnerability in iTechClassifieds that can lead to SQL injection or XSS. It includes a generic example URL but lacks actual exploit code or technical details for execution.

Description

SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Crackers_Child · textwebappsphp
https://www.exploit-db.com/exploits/31093

The provided text describes an input-validation vulnerability in iTechClassifieds that can lead to SQL injection or XSS. It includes a generic example URL but lacks actual exploit code or technical details for execution.

Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Theoretical
Target: iTechClassifieds (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable application endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
webappsphp
https://www.exploit-db.com/exploits/31140

The exploit demonstrates SQL injection vulnerabilities in iTechClassifieds v3.03.057 via the 'PreviewNum' and 'CatID' parameters. It provides direct PoC URLs with injection points, confirming the vulnerability's existence.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: iTechClassifieds v3.03.057
No auth needed
Prerequisites: Access to the target application
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28773
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27574
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=120197273611835&w=2

Scores

EPSS 0.0096
EPSS Percentile 56.8%

Details

CWE
CWE-89
Status published
Products (1)
itechscripts/itechclassifieds 3.0
Published Feb 12, 2008
Tracked Since Feb 18, 2026