CVE-2004-2218

PHPMyWebHosting <0.3.4 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Noam Rathaus · perlwebappsphp

https://www.exploit-db.com/exploits/406

View Code ZIP pw:eip

References (5)

[Exploit, Patch] http://www.securityfocus.com/bid/10942

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17005

[Exploit] http://archives.neohapsis.com/archives/bugtraq/2004-08/0207.html

[Third Party Advisory, VDB Entry] http://www.osvdb.org/8976

[Patch] http://archives.neohapsis.com/archives/bugtraq/2004-09/0247.html

Scores

EPSS 0.0082

EPSS Percentile 74.4%

Details

Status published

Products (1)

phpmywebhosting/phpmywebhosting < 0.3.4

Published Dec 31, 2004

Tracked Since Feb 18, 2026