Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-5028. PoCs published by Yogesh Phadtare.
AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in Kwok Information Server versions 2.7.3 and 2.8.4, with example URLs demonstrating injection points. No actual exploit code is included.
Description
SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server before 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command.
Exploits (1)
The provided text describes SQL injection vulnerabilities in Kwok Information Server versions 2.7.3 and 2.8.4, with example URLs demonstrating injection points. No actual exploit code is included.