Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-2909. PoCs published by anonymous.
AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Clever Copy's results.php to extract admin credentials. It checks for vulnerability, injects a union-based SQL query, and retrieves the username and hashed password.
Description
SQL injection vulnerability in results.php in Clever Copy 3.0 allows remote attackers to execute arbitrary SQL commands via the searchtype parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · perlwebappsphp
https://www.exploit-db.com/exploits/5794
This Perl script exploits a SQL injection vulnerability in Clever Copy's results.php to extract admin credentials. It checks for vulnerability, injects a union-based SQL query, and retrieves the username and hashed password.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Clever Copy (version not specified)
No auth needed
Prerequisites:
Target must be running vulnerable Clever Copy software · results.php must be accessible
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29694
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020294
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/5794
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30699
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43064
Scores
EPSS
0.0100
EPSS Percentile
58.4%
Details
CWE
CWE-89
Status
published
Products (1)
clever_copy/clever_copy
3.0
Published
Jun 30, 2008
Tracked Since
Feb 18, 2026