CVE-2011-5113

Techfolio (com_techfolio) 1.0 - SQL Injection via catid Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-5113. PoCs published by Chris Russell.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in the Techfolio 1.0 Joomla component. The vulnerability arises from unsanitized user input in the 'catid' parameter, allowing arbitrary SQL queries to be executed.

Description

SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Chris Russell · textwebappsphp
https://www.exploit-db.com/exploits/18042

This is a writeup describing a SQL injection vulnerability in the Techfolio 1.0 Joomla component. The vulnerability arises from unsanitized user input in the 'catid' parameter, allowing arbitrary SQL queries to be executed.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Techfolio 1.0 Joomla component
No auth needed
Prerequisites: Joomla with Techfolio 1.0 component installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18042

Scores

EPSS 0.0102
EPSS Percentile 59.2%

Details

CWE
CWE-89
Status published
Products (1)
techdeluge/com_techfolio 1.0
Published Aug 23, 2012
Tracked Since Feb 18, 2026