Exploitation Summary
EIP tracks 2 public exploits for CVE-2010-2912. PoCs published by Sid3^effects, ScOrPiOn.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Kayako eSupport v3.70.02. It provides a URL pattern for exploitation but lacks actual exploit code or payload details.
Description
SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the _a parameter in a downloads action.
Exploits (2)
This is a writeup describing a SQL injection vulnerability in Kayako eSupport v3.70.02. It provides a URL pattern for exploitation but lacks actual exploit code or payload details.
The entry describes a SQL injection vulnerability in Kayako eSupport v3.70.02, specifically in the `/includes/functions.php` file, exploitable via the `_a` parameter in the downloads module. It provides a basic URL structure for exploitation but lacks detailed technical analysis or functional exploit code.