CVE-2010-5033

Fusebox 5.5.1 - SQL Injection via CatDisplay Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-5033. PoCs published by Shamus.

AI-analyzed exploit summary: This is an advisory detailing a SQL injection vulnerability in Fusebox's ProductList.cfm via the CatDisplay parameter. It provides PoC URLs but no actual exploit code.

Description

SQL injection vulnerability in ProductList.cfm in Fusebox 5.5.1 allows remote attackers to execute arbitrary SQL commands via the CatDisplay parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Shamus · text · webapps · windows
https://www.exploit-db.com/exploits/12786


Classification: Writeup 90%
Attack Type: Sqli
Complexity: Trivial
Reliability: Theoretical
Target: Fusebox (version unspecified)
No auth needed
Prerequisites: Access to a vulnerable Fusebox installation
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8520
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/12786
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40439
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59003

Scores

EPSS 0.0104
EPSS Percentile 59.7%

Details

CWE: CWE-89
Status: published
Products (1): fusebox/fusebox 5.5.1
Published: Nov 02, 2011
Tracked Since: Feb 18, 2026