CVE-2008-5496

PozScripts Business Directory Script - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5496. PoCs published by Hussin X.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Business Directory Script via the 'cid' parameter in showcategory.php. The PoC extracts database user and version information using a UNION-based SQLi technique.

Description

SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Hussin X · textwebappsphp
https://www.exploit-db.com/exploits/7098

This exploit demonstrates a SQL injection vulnerability in Business Directory Script via the 'cid' parameter in showcategory.php. The PoC extracts database user and version information using a UNION-based SQLi technique.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Business Directory Script (version not specified)
No auth needed
Prerequisites: Target application must be running Business Directory Script with vulnerable showcategory.php endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46558
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7098
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32647
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4714
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3118
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32264
Exploit vdb-entry x_refsource_osvdb
http://osvdb.org/49822

Scores

EPSS 0.0119
EPSS Percentile 63.9%

Details

CWE
CWE-89
Status published
Products (1)
pozscripts/business_directory_script
Published Dec 12, 2008
Tracked Since Feb 18, 2026