CVE-2014-3757
phpmanufaktur kitform < 0.43 - SQL Injection via sorter_value Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-3757. PoCs published by chapp.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in phpManufaktur kitForm <= 0.43 via the 'sorter_value' parameter in sorter.php. The PoC sends a malicious POST request with a SQL injection payload to extract database content.
Description
SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in phpManufaktur kitForm <= 0.43 via the 'sorter_value' parameter in sorter.php. The PoC sends a malicious POST request with a SQL injection payload to extract database content.