Exploitation Summary
EIP tracks 1 public exploit for CVE-2018-17391. PoCs published by Ihsan Sencan.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Super Cms Blog Pro 1.0 via the 'author' parameter in 'authors_post.php'. The PoC includes a crafted SQL query that extracts the database version using UNION-based injection techniques.
Description
SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Ihsan Sencan · textwebappsphp
https://www.exploit-db.com/exploits/45463
This exploit demonstrates a SQL injection vulnerability in Super Cms Blog Pro 1.0 via the 'author' parameter in 'authors_post.php'. The PoC includes a crafted SQL query that extracts the database version using UNION-based injection techniques.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Super Cms Blog Pro 1.0
No auth needed
Prerequisites:
Access to the vulnerable endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/149519/Super-Cms-Blog-Pro-1.0-SQL-Injection.html
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/45463/
Scores
CVSS v3
9.8
EPSS
0.0321
EPSS Percentile
86.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
super_cms_blog_pro_project/super_cms_blog_pro
1.0
Published
Sep 28, 2018
Tracked Since
Feb 18, 2026