Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-7278. PoCs published by projectzero labs.
AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in CMS Afroditi 1.0, including a sample exploit URL. However, it lacks executable code or a functional proof-of-concept.
Description
SQL injection vulnerability in Naxtech CMS Afroditi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to default.asp.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by projectzero labs · textwebappsasp
https://www.exploit-db.com/exploits/38935
The provided text describes an SQL injection vulnerability in CMS Afroditi 1.0, including a sample exploit URL. However, it lacks executable code or a functional proof-of-concept.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
CMS Afroditi 1.0
No auth needed
Prerequisites:
Access to the vulnerable web application
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Exploit x_refsource_misc
http://packetstormsecurity.com/files/124624
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/89988
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/64572
Scores
EPSS
0.0260
EPSS Percentile
83.5%
Details
CWE
CWE-89
Status
published
Products (1)
naxtech/cms_afroditi
1.0
Published
Jan 08, 2014
Tracked Since
Feb 18, 2026