CVE-2009-0702

EIP tracks 1 public exploit for CVE-2009-0702. PoCs published by EcHoLL.

AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Joomla's com_phocadocumentation component to extract admin credentials. It constructs a malicious SQL query via the 'id' parameter and retrieves username/password hashes from the jos_users table.

SQL injection vulnerability in the Phoca Documentation (com_phocadocumentation) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action to index.php.