Vulnerabilities > CVE-2005-0841 - SQL Injection vulnerability in PHPmyfamily 1.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | phpMyFamily <= 1.4.0 Admin Bypass SQL Injection. CVE-2005-0841. Webapps exploit for php platform |
| id | EDB-ID:892 |
| last seen | 2016-01-31 |
| modified | 2005-03-21 |
| published | 2005-03-21 |
| reporter | kre0n |
| source | https://www.exploit-db.com/download/892/ |
| title | phpMyFamily <= 1.4.0 Admin Bypass SQL Injection |