CVE-2008-0773
Phil Taylor Comments < 0.5.8.5g - SQL Injection via id Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-0773. PoCs published by CheebaHawk215.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Mambo's com_comments component, allowing an attacker to extract user credentials (username and password) from the mos_users table via a UNION-based attack.
Description
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in Mambo's com_comments component, allowing an attacker to extract user credentials (username and password) from the mos_users table via a UNION-based attack.