Vulnerabilities > CVE-2005-4554 - Unspecified vulnerability in DEV web Management System 1.5

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
dev
exploit available
NVD
Published: 2005-12-28
Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php.

Vulnerable Configurations

Part Description Count
Application
Dev
1

Exploit-Db

  • descriptionDev Web Management System 1.5 download_now.php target Parameter SQL Injection. CVE-2005-4554. Webapps exploit for php platform
    idEDB-ID:26977
    last seen2016-02-03
    modified2005-12-27
    published2005-12-27
    reporter[email protected]
    sourcehttps://www.exploit-db.com/download/26977/
    titleDev Web Management System 1.5 download_now.php target Parameter SQL Injection
  • descriptionDev Web Management System 1.5 getfile.php cat Parameter SQL Injection. CVE-2005-4554. Webapps exploit for php platform
    idEDB-ID:26976
    last seen2016-02-03
    modified2005-12-27
    published2005-12-27
    reporter[email protected]
    sourcehttps://www.exploit-db.com/download/26976/
    titleDev Web Management System 1.5 getfile.php cat Parameter SQL Injection
  • descriptionDev Web Management System. CVE-2005-4554. Webapps exploit for php platform
    idEDB-ID:1387
    last seen2016-01-31
    modified2005-12-24
    published2005-12-24
    reporterrgod
    sourcehttps://www.exploit-db.com/download/1387/
    titleDev Web Management System <= 1.5 cat Remote SQL Injection Exploit

References