Vulnerabilities > CVE-2005-4329 - SQL Injection vulnerability in PHP Arena PAFileDB Extreme Edition

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
php-arena
exploit available

Summary

SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB Extreme Edition RC 5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) newsid and (2) id parameter.

Exploit-Db

descriptionPHP Arena PAFileDB Extreme Edition SQL Injection Vulnerability. CVE-2005-4329. Webapps exploit for php platform
idEDB-ID:26857
last seen2016-02-03
modified2005-12-16
published2005-12-16
reporterr0t3d3Vil
sourcehttps://www.exploit-db.com/download/26857/
titlePHP Arena PAFileDB Extreme Edition SQL Injection Vulnerability