CVE-2008-4732

WP Comment Remix Plugin < 1.4.4 - SQL Injection via p Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4732. PoCs published by g30rg3_x.

AI-analyzed exploit summary This is a functional proof-of-concept exploit for CVE-2008-4732, targeting a SQL injection vulnerability in WP Comment Remix 1.4.3. It extracts database information, user credentials, and WordPress options via crafted SQL queries.

Description

SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by g30rg3_x · phpwebappsphp

https://www.exploit-db.com/exploits/6747

View Code ZIP pw:eip

This is a functional proof-of-concept exploit for CVE-2008-4732, targeting a SQL injection vulnerability in WP Comment Remix 1.4.3. It extracts database information, user credentials, and WordPress options via crafted SQL queries.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WP Comment Remix 1.4.3

No auth needed

Prerequisites: Target must have WP Comment Remix 1.4.3 installed · Target must be accessible via HTTP

MITRE ATT&CK