CVE-2015-6516

sysPass < 1.0.9 - Authenticated SQL Injection via Search Parameter

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-6516. PoCs published by SySS GmbH.

AI-analyzed exploit summary: This advisory details an SQL injection vulnerability in sysPass 1.0.9 and below, specifically in the 'getAccounts' parameter of an AJAX request. The PoC demonstrates how an authenticated attacker can extract database information via a crafted HTTP POST request.

Description

SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.

Exploits (1)

exploitdb WRITEUP
by SySS GmbH · text · webapps · php
https://www.exploit-db.com/exploits/37610

Classification: Writeup 100%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: sysPass 1.0.9 and below
Auth required
Prerequisites: Authenticated access to the sysPass application
devstral-2 · analyzed Feb 18, 2026

References (4)

Core References
Exploit exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/37610/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535989/100/0/threaded

Scores

EPSS 0.0200
EPSS Percentile 78.3%

Details

CWE: CWE-89
Status: published
Products (1): cygnux/syspass < 1.0.9
Published: Aug 18, 2015
Tracked Since: Feb 18, 2026