CVE-2012-1665

osCMax < 2.5.1 - SQL Injection via Admin Panel Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-1665. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in osCMax 2.5.0, allowing an attacker to write arbitrary PHP code to a file via the 'INTO OUTFILE' clause. The PoC shows how an attacker could achieve remote code execution by injecting malicious PHP code into a file on the server.

Description

Multiple SQL injection vulnerabilities in the admin panel in osCMax before 2.5.1 allow (1) remote attackers to execute arbitrary SQL commands via the username parameter in a process action to admin/login.php or (2) remote administrators to execute arbitrary SQL commands via the status parameter to admin/stats_monthly_sales.php or (3) country parameter in a process action to admin/create_account_process.php.

Exploits (2)

exploitdb WORKING POC VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/37048

This exploit demonstrates a SQL injection vulnerability in osCMax 2.5.0, allowing an attacker to write arbitrary PHP code to a file via the 'INTO OUTFILE' clause. The PoC shows how an attacker could achieve remote code execution by injecting malicious PHP code into a file on the server.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: osCMax 2.5.0
No auth needed
Prerequisites: Access to the vulnerable endpoint · File write permissions on the server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by High-Tech Bridge SA · htmlwebappsphp
https://www.exploit-db.com/exploits/37047

This exploit demonstrates a SQL injection vulnerability in osCMax 2.5.0 by injecting a malicious payload into the username field of the login form. The payload attempts to extract the database version via a time-based blind SQL injection technique.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: osCMax 2.5.0
No auth needed
Prerequisites: Access to the target login page · SQL injection vulnerability in the username parameter
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/80901
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-04/0021.html
Various Sources x_refsource_confirm
http://bugtrack.oscmax.com/view.php?id=1165
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/80902
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/80900

Scores

EPSS 0.0155
EPSS Percentile 71.8%

Details

CWE
CWE-89
Status published
Products (1)
oscmax/oscmax < 2.5.0
Published May 20, 2015
Tracked Since Feb 18, 2026