Vulnerabilities > CVE-2005-4656 - SQL Injection vulnerability in Triggertg Tclanportal 1.1.3

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

triggertg

exploit available

NVD

Published: 2005-12-31

Updated: 2017-07-20

Summary

SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Triggertg Triggertg Tclanportal 1.1.3	1

Exploit-Db

description	TClanPortal <= 1.1.3 (id) Remote SQL Injection Exploit. CVE-2005-4656. Webapps exploit for php platform
id	EDB-ID:1273
last seen	2016-01-31
modified	2005-10-26
published	2005-10-26
reporter	Devil-00
source	https://www.exploit-db.com/download/1273/
title	TClanPortal <= 1.1.3 id Remote SQL Injection Exploit

References

http://downloads.securityfocus.com/vulnerabilities/exploits/TClanPortal_sql_inj.pl
http://secunia.com/advisories/17324
http://www.osvdb.org/20305
http://www.securityfocus.com/bid/15173
http://www.vupen.com/english/advisories/2005/2187
https://exchange.xforce.ibmcloud.com/vulnerabilities/22869