CVE-2008-3598

psipuss 1.0 - SQL Injection via Cid Parameter or Username Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3598. PoCs published by Virangar Security.

AI-analyzed exploit summary This exploit demonstrates SQL injection and authentication bypass vulnerabilities in psipuss version 1.0. The SQLi allows arbitrary data retrieval from the 'users' table, while the auth bypass leverages a classic SQL injection to bypass login checks.

Description

Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Virangar Security · textwebappsphp

https://www.exploit-db.com/exploits/6226

View Code ZIP pw:eip

This exploit demonstrates SQL injection and authentication bypass vulnerabilities in psipuss version 1.0. The SQLi allows arbitrary data retrieval from the 'users' table, while the auth bypass leverages a classic SQL injection to bypass login checks.

Classification

Working Poc 90%

Attack Type

Sqli | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: psipuss version 1.0

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK