CVE-2010-4984

My Kazaam Notes Management System - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4984. PoCs published by L0rd CrusAd3r.

AI-analyzed exploit summary The document describes multiple vulnerabilities (SQLi, XSS, HTML injection) in My Kazaam Notes Management System v1, providing demo URLs but no functional exploit code. It lacks technical depth such as affected functions or code paths.

Description

SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attackers to execute arbitrary SQL commands via vectors involving the "Enter Reference Number Below" text box.

Exploits (1)

exploitdb WRITEUP VERIFIED
by L0rd CrusAd3r · textwebappsphp
https://www.exploit-db.com/exploits/14325

The document describes multiple vulnerabilities (SQLi, XSS, HTML injection) in My Kazaam Notes Management System v1, providing demo URLs but no functional exploit code. It lacks technical depth such as affected functions or code paths.

Classification
Writeup 80%
Attack Type
Sqli | Xss | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: My Kazaam Notes Management System v1
No auth needed
Prerequisites: Access to the vulnerable application
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60254
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41542
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8494
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14325

Scores

EPSS 0.0104
EPSS Percentile 59.5%

Details

CWE
CWE-89
Status published
Products (1)
mykazaam/notes_management_system
Published Nov 01, 2011
Tracked Since Feb 18, 2026