CVE-2008-4159
Jaw Portal and Zanfi CMS Lite - SQL Injection via Page Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-4159. PoCs published by Cru3l.b0y.
AI-analyzed exploit summary The exploit demonstrates a SQL injection vulnerability in Zanfi CMS lite / Jaw Portal free by injecting a crafted SQL query via the 'page' parameter in the URL. The payload retrieves database version and user information.
Description
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter.
Exploits (1)
The exploit demonstrates a SQL injection vulnerability in Zanfi CMS lite / Jaw Portal free by injecting a crafted SQL query via the 'page' parameter in the URL. The payload retrieves database version and user information.