CVE-2010-4006

WSN Links < 5.0.81, < 5.1.51, < 6.0.1 SQL Injection via search.php

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4006. PoCs published by Mark Stanislav.

AI-analyzed exploit summary This exploit demonstrates SQL injection in WSN Links via the 'namecondition' and 'namesearch' parameters, allowing file writes and remote code execution through UNION-based queries. It requires FILE privileges and writable web directories.

Description

Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

Exploits (1)

exploitdb WORKING POC
by Mark Stanislav · textwebappsphp
https://www.exploit-db.com/exploits/15607

This exploit demonstrates SQL injection in WSN Links via the 'namecondition' and 'namesearch' parameters, allowing file writes and remote code execution through UNION-based queries. It requires FILE privileges and writable web directories.

Classification
Working Poc 100%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: WSN Links < 6.0.1, < 5.1.51, < 5.0.81
No auth needed
Prerequisites: FILE SQL privilege · writable web directory
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0512.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514585/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/62939
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/44593
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15607

Scores

EPSS 0.0115
EPSS Percentile 62.5%

Details

CWE
CWE-89
Status published
Products (50)
wsn/links 5.1.2
wsn/links 5.1.3
wsn/links 5.1.17
wsn/links 5.1.18
wsn/links 5.1.19
wsn/links 5.1.20
wsn/links 5.1.21
wsn/links 5.1.22
wsn/links 5.1.23
wsn/links 5.1.24
... and 40 more
Published Nov 03, 2010
Tracked Since Feb 18, 2026