CVE-2014-9096

Pligg CMS < 2.0.1 - SQL Injection via Recover.php ID or N Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9096. PoCs published by BlackHawk.

AI-analyzed exploit summary: This exploit targets Pligg CMS <= 2.0.1, leveraging SQL injection in the password recovery functionality to escalate privileges, extract database credentials, and achieve remote code execution via a Weevely shell. The attack chain involves manipulating the 'recover.php' endpoint and abusing admin panel features to write arbitrary files.

Description

Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) n parameter.

Exploits (1)

exploitdb WORKING POC
by BlackHawk · python · webapps · php
https://www.exploit-db.com/exploits/34168

Classification: Working PoC 95%
Attack Type: SQLi | RCE | Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Pligg CMS <= 2.0.1
No auth needed
Prerequisites: Target must have Pligg CMS <= 2.0.1 installed · Access to the 'recover.php' endpoint · Admin panel must be accessible
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0240
EPSS Percentile 81.8%

Details

CWE: CWE-89
Status: published
Products (1): pligg/pligg_cms < 2.0.1
Published: Nov 26, 2014
Tracked Since: Feb 18, 2026