CVE-2023-36076

CRITICAL

smanga < 3.1.9 - SQL Injection via mediaId, mangaId, and userId Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-36076. PoCs published by deIndra.

AI-analyzed exploit summary This PoC exploits a SQL injection vulnerability in the 'smanga' application, specifically targeting the 'delete.php' endpoint. It constructs a malicious SQL query to execute arbitrary commands (e.g., 'whoami') via a UNION-based injection.

Description

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php.

Exploits (1)

nomisec WORKING POC

by deIndra · poc

https://github.com/deIndra/CVE-2023-36076

View Code ZIP pw:eip

This PoC exploits a SQL injection vulnerability in the 'smanga' application, specifically targeting the 'delete.php' endpoint. It constructs a malicious SQL query to execute arbitrary commands (e.g., 'whoami') via a UNION-based injection.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: smanga (version not specified)

No auth needed

Prerequisites: Target URL with vulnerable 'smanga' application · Network access to the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Issue Tracking, Third Party Advisory

https://github.com/lkw199711/smanga/issues/100

Scores

CVSS v3 9.8

EPSS 0.0236

EPSS Percentile 81.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-89

Status published

Products (1)

pocketmanga/smanga < 3.1.9

Published Sep 01, 2023

Tracked Since Feb 18, 2026