CVE-2010-0973

phppool media Domain Verkaus and Auktions Portal - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0973. PoCs published by Easy Laster.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in phppool media Domain Verkaufs und Auktions Portal. It provides a proof-of-concept exploit URL to extract user data (firstname, password, email) from the 'dsp_buyers' table.

Description

SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Easy Laster · textwebappsphp
https://www.exploit-db.com/exploits/11733

This is a writeup describing a SQL injection vulnerability in phppool media Domain Verkaufs und Auktions Portal. It provides a proof-of-concept exploit URL to extract user data (firstname, password, email) from the 'dsp_buyers' table.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: phppool Domain Verkaufs und Auktions Portal
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0616
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56872
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38939
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/11733

Scores

EPSS 0.0100
EPSS Percentile 58.3%

Details

CWE
CWE-89
Status published
Products (1)
scripteverkauf/domain_verkaus_and_auktions_portal
Published Mar 16, 2010
Tracked Since Feb 18, 2026