CVE-2008-6246
Scripts For Sites EZ Webring - SQL Injection via Category Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-6246. PoCs published by d3b4g.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in SFS EZ Webring. The vulnerability allows an attacker to inject SQL queries via the 'cat' parameter in the category.php script.
Description
SQL injection vulnerability in category.php in Scripts For Sites (SFS) EZ Webring allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by d3b4g · textwebappsphp
https://www.exploit-db.com/exploits/6913
This is a writeup describing a SQL injection vulnerability in SFS EZ Webring. The vulnerability allows an attacker to inject SQL queries via the 'cat' parameter in the category.php script.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
SFS EZ Webring
No auth needed
Prerequisites:
Access to the vulnerable web application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32550
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46279
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32032
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6913
Scores
EPSS
0.0097
EPSS Percentile
57.4%
Details
CWE
CWE-89
Status
published
Products (1)
scripts-for-sites/ez_webring
Published
Feb 23, 2009
Tracked Since
Feb 18, 2026