Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-4987. PoCs published by SONIC.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in KMSoft GB. It provides a demo URL with a parameter susceptible to SQLi but lacks actual exploit code or technical details.
Description
SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers to execute arbitrary SQL commands via the p parameter.
Exploits (1)
exploitdb
WRITEUP
by SONIC · textwebappsasp
https://www.exploit-db.com/exploits/14281
This is a writeup describing a SQL injection vulnerability in KMSoft GB. It provides a demo URL with a parameter susceptible to SQLi but lacks actual exploit code or technical details.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
KMSoft GB (version unspecified)
No auth needed
Prerequisites:
Access to the vulnerable URL parameter
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1768
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60198
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/41491
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/14281
Scores
EPSS
0.0101
EPSS Percentile
58.7%
Details
CWE
CWE-89
Status
published
Products (1)
kmsoft/guestbook
Published
Nov 01, 2011
Tracked Since
Feb 18, 2026