CVE-2013-7192

Dynamic Biz Website Builder - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-7192. PoCs published by R3d-D3V!L.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0, where the 'id' parameter in 'newdetail.asp' is not properly sanitized. It includes an example URL demonstrating the vulnerability but lacks executable exploit code.

Description

Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder (QuickWeb) allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/news-events/newdetail.asp, or the (2) UserID or (3) Password to login.asp.

Exploits (2)

exploitdb WRITEUP VERIFIED
by R3d-D3V!L · textwebappsasp
https://www.exploit-db.com/exploits/38883

The provided text describes a SQL injection vulnerability in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0, where the 'id' parameter in 'newdetail.asp' is not properly sanitized. It includes an example URL demonstrating the vulnerability but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0
No auth needed
Prerequisites: Access to the vulnerable endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by R3d-D3V!L · textwebappsasp
https://www.exploit-db.com/exploits/38884

The provided text describes a SQL injection vulnerability in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0, detailing how an attacker can bypass authentication by injecting SQL queries into the UserID and Password fields.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0
No auth needed
Prerequisites: Access to the login page of the vulnerable application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/89844
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/64371

Scores

EPSS 0.0230
EPSS Percentile 81.0%

Details

CWE
CWE-89
Status published
Products (1)
etoshop/dynamic_biz_website_builder_quickweb 1.0
Published Dec 21, 2013
Tracked Since Feb 18, 2026