CVE-2005-4218
Published: 2005-12-14
Priority P339 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.43% (82.2th percentile)
SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows remote attackers to execute arbitrary SQL commands via the msg parameter, a different vulnerability than CVE-2005-3585.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpwebthings | phpwebthings | — | — |
No detection rules found.
Exploit-DB
PHPWebThings 1.4 - 'forum' SQL Injection
exploitdb·2005-11-16
CVE-2005-4218 PHPWebThings 1.4 - 'forum' SQL Injection
---
#!/bin/bin/perl
#-----------------------------------------------------#
#- SQL injection in phpwebthing v 1.4.4
#- Founder by Qptan & Exploting by AhLam
#- www.leZe.Com Only For Geek Hacker's
#- coded by AhLaM A.1.M|at|hotmail.com
#- http://www.lezr.com/vb/showthread.php?t=6557
#-----------------------------------------------------#
use LWP::Simple;
print "\n============================================\n";
print "\n SQL injection in phpwebthing v 1.4.4 = ";
print "\n Founder by Qptan & Exploting by AhLam = ";
print "\n www.leZe.Com Only For Geek Hacker's = ";
print "\n Coded By AhLaM A.1.M|at|hotmail.com ";
print "\n============================================\n";
if(!$ARGV[0] or !$ARGV[1]) {
print "\nUsage:\nperl $0 [host] [User ID] \n\nExa
Exploit-DB
PHPWebThings 1.4 - 'msg'/'forum' SQL Injection
exploitdb·2005-11-16
CVE-2005-4226 PHPWebThings 1.4 - 'msg'/'forum' SQL Injection
---
PHPWebThings 1.4 "msg" and "forum" SQL injection
No writeups or analysis indexed.