Exploitation Summary
EIP tracks 2 public exploits for CVE-2010-0955. PoCs published by Easy Laster.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Bild Flirt <= 1.0, allowing an attacker to extract username and password hashes from the database via a crafted HTTP request.
Description
SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (2)
This exploit demonstrates a SQL injection vulnerability in Bild Flirt <= 1.0, allowing an attacker to extract username and password hashes from the database via a crafted HTTP request.
This exploit demonstrates a SQL injection vulnerability in Bild Flirt System V2.0 via the 'id' parameter in index.php. The PoC uses a UNION-based SQLi to extract user credentials (name and password) from the 'bildf_user' table.