CVE-2013-5697

Simone Tellini Mod Accounting < 0.5 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header.

Exploits (1)

exploitdb WORKING POC

by Wireghoul · textwebappslinux

https://www.exploit-db.com/exploits/28653

View Code ZIP pw:eip

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/97588

Exploit x_refsource_misc

http://www.baesystemsdetica.com.au/Research/Advisories/mod_accounting-Blind-SQL-Injection-%28DS-2013-006%29

Scores

EPSS 0.0097

EPSS Percentile 76.7%

Details

CWE

CWE-89

Status published

Products (1)

simone_tellini/mod_accounting < 0.5

Published Sep 30, 2013

Tracked Since Feb 18, 2026