CVE-2009-1812

myGesuad 0.9.14 - SQL Injection via Name Field and ID Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1812. PoCs published by YEnH4ckEr.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in my-Gesuad 0.9.14, including SQL injection, authentication bypass, and XSS. It provides proof-of-concept URLs and payloads to exploit these flaws.

Description

Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail action to (2) kategorie.php, (3) budget.php, (4) zahlung.php, or (5) adresse.php in modules/, related to classes/class.perform.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by YEnH4ckEr · textwebappsphp

https://www.exploit-db.com/exploits/8708

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in my-Gesuad 0.9.14, including SQL injection, authentication bypass, and XSS. It provides proof-of-concept URLs and payloads to exploit these flaws.

Classification

Working Poc 95%

Attack Type

Sqli | Auth Bypass | Xss

Complexity

Trivial

Reliability

Reliable

Target: my-Gesuad 0.9.14

No auth needed

Prerequisites: magic quotes=OFF for auth bypass · registered user for SQLi

MITRE ATT&CK