Description
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by SecurityRules · textwebappsphp
https://www.exploit-db.com/exploits/9027
References (1)
Core 1
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/9027
Scores
EPSS
0.0023
EPSS Percentile
46.0%
Details
CWE
CWE-89
Status
published
Products (1)
smspages/smspages
1.0
Published
Jul 09, 2009
Tracked Since
Feb 18, 2026