Description
SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Hamza 'MizoZ' N. · textwebappsphp
https://www.exploit-db.com/exploits/11306
References (5)
Core 5
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/1002-exploits/evernewfjs-sql.txt
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/11306
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38020
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56043
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35434
Scores
EPSS
0.0028
EPSS Percentile
51.1%
Details
CWE
CWE-89
Status
published
Products (1)
evernewscripts/free_joke_script
1.2
Published
Feb 12, 2010
Tracked Since
Feb 18, 2026