CVE-2012-6434

e107 1.0.2 - Cross-Site Request Forgery via download.php Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-6434. PoCs published by Joshua Reynolds.

AI-analyzed exploit summary This exploit demonstrates a CSRF attack combined with SQL injection in e107 v1.0.2. The PoC submits a malicious POST request to the download.php admin page, injecting SQL to extract admin credentials (username and MD5 password) and display them in a publicly accessible download entry.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3) download_author_email, (4) download_author_website, (5) download_image, (6) download_thumb, (7) download_visible, or (8) download_class parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Joshua Reynolds · textwebappsphp
https://www.exploit-db.com/exploits/23829

This exploit demonstrates a CSRF attack combined with SQL injection in e107 v1.0.2. The PoC submits a malicious POST request to the download.php admin page, injecting SQL to extract admin credentials (username and MD5 password) and display them in a publicly accessible download entry.

Classification
Working Poc 100%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: e107 v1.0.2
No auth needed
Prerequisites: Victim must be an authenticated administrator · Victim must visit the malicious HTML page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Various Sources x_refsource_confirm
http://e107.org/changelog
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/23829/

Scores

EPSS 0.0144
EPSS Percentile 70.0%

Details

CWE
CWE-352
Status published
Products (1)
e107/e107 1.0.2
Published Jan 03, 2013
Tracked Since Feb 18, 2026