CVE-2010-4989
Ziggurat Farsi CMS - SQL Injection via main.asp grp Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-4989. PoCs published by Arash Saadatfar.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Ziggurat Farsi CMS. It provides the vulnerable file path and parameter but lacks executable exploit code.
Description
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
Exploits (1)
exploitdb
WRITEUP
by Arash Saadatfar · textwebappsasp
https://www.exploit-db.com/exploits/14192
This is a writeup describing a SQL injection vulnerability in Ziggurat Farsi CMS. It provides the vulnerable file path and parameter but lacks executable exploit code.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
Ziggurat Farsi CMS
No auth needed
Prerequisites:
Access to the vulnerable web application
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60065
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/14192
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1688
Scores
EPSS
0.0100
EPSS Percentile
59.0%
Details
CWE
CWE-89
Status
published
Products (1)
farsi-cms/ziggurat_farsi_cms
Published
Nov 01, 2011
Tracked Since
Feb 18, 2026