CVE-2008-6282
CMS Ortus < 1.13 - Authenticated SQL Injection via City Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-6282. PoCs published by otmorozok428.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in CMS Ortus versions 1.12 and 1.13. The exploit involves injecting malicious input into the 'City' field during user profile editing to escalate privileges to admin.
Description
SQL injection vulnerability in engine/users/users_edit_pub.inc in CMS Ortus 1.13 and earlier allows remote authenticated users to execute arbitrary SQL commands via the city parameter in a users_edit_pub action to index.php.
Exploits (1)
This is a writeup describing a SQL injection vulnerability in CMS Ortus versions 1.12 and 1.13. The exploit involves injecting malicious input into the 'City' field during user profile editing to escalate privileges to admin.