CVE-2009-4566

Zenphoto 1.2.5 - SQL Injection via News Title Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4566. PoCs published by petros.

AI-analyzed exploit summary This JavaScript exploit demonstrates a blind SQL injection vulnerability in ZenPhoto 1.2.5 via the 'category' parameter in the ZenPage news module. It extracts admin credentials (username and password hash) using time-based techniques and includes functionality to emulate admin login by setting a forged authentication cookie.

Description

SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by petros · javascriptwebappsphp

https://www.exploit-db.com/exploits/9154

View Code ZIP pw:eip

This JavaScript exploit demonstrates a blind SQL injection vulnerability in ZenPhoto 1.2.5 via the 'category' parameter in the ZenPage news module. It extracts admin credentials (username and password hash) using time-based techniques and includes functionality to emulate admin login by setting a forged authentication cookie.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Racy

Target: ZenPhoto 1.2.5 with ZenPage plugin

No auth needed

Prerequisites: ZenPage plugin must be activated · At least one news category must exist · magic_quotes must be disabled (ZenPage disables it by default)

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →