CVE-2009-1814

PHPenpals < 1.1 - SQL Injection via mail.php ID Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1814. PoCs published by Br0ly.

AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Phpenpals <= 1.1, allowing an attacker to retrieve the admin password or read arbitrary files from the server. It uses union-based SQL injection to extract data via the 'mail.php' endpoint.

Description

SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Br0ly · perlwebappsphp
https://www.exploit-db.com/exploits/8706

This Perl script exploits a SQL injection vulnerability in Phpenpals <= 1.1, allowing an attacker to retrieve the admin password or read arbitrary files from the server. It uses union-based SQL injection to extract data via the 'mail.php' endpoint.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Phpenpals <= 1.1
No auth needed
Prerequisites: Target must be running Phpenpals <= 1.1 · SQL injection endpoint must be accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1342
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8706
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34996
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18269

Scores

EPSS 0.0099
EPSS Percentile 57.9%

Details

CWE
CWE-89
Status published
Products (1)
jevontech/phpenpals < 1.1
Published May 29, 2009
Tracked Since Feb 18, 2026