CVE-2010-4997

OlyKit Swoopo Clone 2010 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4997. PoCs published by L0rd CrusAd3r.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Swoopo Clone 2010. The vulnerability is located in the 'id' parameter of the 'product' module, allowing attackers to inject malicious SQL queries.

Description

SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action.

Exploits (1)

exploitdb WRITEUP VERIFIED

by L0rd CrusAd3r · textwebappsphp

https://www.exploit-db.com/exploits/14084

View Code ZIP pw:eip

This is a writeup describing a SQL injection vulnerability in Swoopo Clone 2010. The vulnerability is located in the 'id' parameter of the 'product' module, allowing attackers to inject malicious SQL queries.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Swoopo Clone 2010

No auth needed

Prerequisites: Access to the vulnerable URL parameter

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/40360

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/14084

Scores

EPSS 0.0093

EPSS Percentile 55.9%

Details

CWE

CWE-89

Status published

Products (1)

olykit/swoopo_clone_2010

Published Nov 02, 2011

Tracked Since Feb 18, 2026