Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-4736. PoCs published by R4dc0re.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Gatesoft Docusafe 4.1.0. It provides the vulnerable parameter and endpoint but lacks executable exploit code.
Description
SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter. NOTE: some of these details are obtained from third party information.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by R4dc0re · textwebappsasp
https://www.exploit-db.com/exploits/15686
This is a writeup describing a SQL injection vulnerability in Gatesoft Docusafe 4.1.0. It provides the vulnerable parameter and endpoint but lacks executable exploit code.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
Gatesoft Docusafe 4.1.0
No auth needed
Prerequisites:
network access to the target web application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/15686
Exploit x_refsource_misc
http://packetstormsecurity.org/files/view/96398/gatesafedocusafe-sql.txt
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45182
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8086
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27660
Scores
EPSS
0.0102
EPSS Percentile
58.9%
Details
CWE
CWE-89
Status
published
Products (2)
gatesoft/docusafe
4.1.0
gatesoft/docusafe
4.1.2
Published
Feb 16, 2011
Tracked Since
Feb 18, 2026