Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-1810. PoCs published by YEnH4ckEr.
AI-analyzed exploit summary
This exploit demonstrates multiple vulnerabilities in myColex 1.4.2, including SQL injection, authentication bypass, and XSS. It provides functional proof-of-concept URLs and payloads to exploit these issues.
Description
Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) medium.php, (4) person.php, or (5) schlagwort.php in modules/, related to classes/class.perform.php.