CVE-2011-1100

CVE Database · CVE-2011-1100

CVE-2011-1100

· N/AModified

CVSS v3.1

N/A

EPSS

1.30%

Published

Feb 25, 2011

Modified

Apr 28, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBPixelPost 1.7.3 - Multiple POST SQL Injections TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.

Weaknesses (CWE)

CWE-89

Affected Products (1)

pixelpost · pixelpostvulnerable

References (6)

http://www.exploit-db.com/exploits/16160

Exploit

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4992.php

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/65474

http://www.exploit-db.com/exploits/16160

Exploit

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4992.php

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/65474

KEV Catalog EPSS Scores Vendors All CVEs