SQL Injection Vulnerability in iTechBids Gold by iTechBids
CVE-2008-0776

Currently unrated

Key Information:

Vendor: Itechscripts
Status: Itechbids
Vendor: CVE Published:; 14 February 2008

🔔 Create Itechscripts Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-0776?

The SQL injection vulnerability in iTechBids Gold 6.0 allows remote attackers to exploit the application by manipulating the item_id parameter in the detail.php file. This exploitation can lead to unauthorized execution of arbitrary SQL commands, potentially compromising the database and exposing sensitive information.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-0776 - Proof of Concept

References

https://www.exploit-db.com/exploits/5096

exploitx_refsource_EXPLOIT-DB

http://secunia.com/advisories/28887

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/27717

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Feb 14, 2008
👾
Exploit known to exist
Feb 14, 2008
Vulnerability published
Feb 14, 2008
Vulnerability Reserved
Feb 13, 2008

CVE-2008-0776 Data

JSON