Description
SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Hussin X · textwebappsphp
https://www.exploit-db.com/exploits/6044
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://packetstorm.linuxsecurity.com/0808-exploits/millionpixel-sql.txt
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31626
Scores
EPSS
0.0056
EPSS Percentile
68.2%
Details
CWE
CWE-89
Status
published
Products (1)
texmedia/million_pixel_script
Published
Sep 11, 2008
Tracked Since
Feb 18, 2026