CVE-2009-4571

PhpShop 0.8.1 - SQL Injection via Multiple Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-4571. PoCs published by By onestree, Andrea Fabrizi.

AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in phpshop 2.0 via crafted URL parameters. It includes two distinct injection points, one for database enumeration and another for credential extraction from the auth_user_md5 table.

Description

Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote attackers to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id parameter in an admin/module_form action, the (4) user_id parameter in an admin/user_form action, the (5) vendor_category_id parameter in a vendor/vendor_category_form action, the (6) user_id parameter in a store/user_form action, the (7) payment_method_id parameter in a store/payment_method_form action, the (8) tax_rate_id parameter in a tax/tax_form action, or the (9) category parameter in a shop/browse action. NOTE: the product_id vector is already covered by CVE-2008-0681.

Exploits (2)

exploitdb WORKING POC VERIFIED
by By onestree · textwebappsphp
https://www.exploit-db.com/exploits/24108

The exploit demonstrates SQL injection vulnerabilities in phpshop 2.0 via crafted URL parameters. It includes two distinct injection points, one for database enumeration and another for credential extraction from the auth_user_md5 table.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: phpshop 2.0
No auth needed
Prerequisites: Access to the vulnerable phpshop 2.0 web application
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Andrea Fabrizi · textwebappsphp
https://www.exploit-db.com/exploits/10324

This is a writeup detailing multiple SQL injection, blind SQL injection, CSRF, and XSS vulnerabilities in PHPShop 0.8.1. It provides example URLs demonstrating the vulnerabilities but does not include executable exploit code.

Classification
Writeup 100%
Attack Type
Sqli | Xss | Csrf
Complexity
Trivial
Reliability
Reliable
Target: PHPShop 0.8.1
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31948
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37227
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54584
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/508270/100/0/threaded

Scores

EPSS 0.0202
EPSS Percentile 78.4%

Details

CWE
CWE-89
Status published
Products (1)
phpshop/phpshop 0.8.1
Published Jan 05, 2010
Tracked Since Feb 18, 2026