Description
SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by CWH Underground · textwebappsphp
https://www.exploit-db.com/exploits/5937
References (5)
Core 5
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/5937
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1953/references
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4115
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43358
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29940
Scores
EPSS
0.0044
EPSS Percentile
63.1%
Details
CWE
CWE-89
Status
published
Products (1)
myphp_cms/myphp_cms
0.3.1
Published
Aug 06, 2008
Tracked Since
Feb 18, 2026