Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-3603. PoCs published by CraCkEr.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Vacation Rental Script 3.0 via the 'id' parameter in the 'sections' object. It retrieves user credentials (username and password) from the database using a UNION-based SQLi technique.
Description
SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sections action.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in Vacation Rental Script 3.0 via the 'id' parameter in the 'sections' object. It retrieves user credentials (username and password) from the database using a UNION-based SQLi technique.