Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-4621. PoCs published by ZhaoHuAn.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Discuz! Plugin JiangHu Inn version 1.1. The PoC uses a UNION-based SQL injection to extract user credentials (uid, username, password) from the cdb_members table.
Description
SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in Discuz! Plugin JiangHu Inn version 1.1. The PoC uses a UNION-based SQL injection to extract user credentials (uid, username, password) from the cdb_members table.