Description
SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Patrick Hof · textwebappsphp
https://www.exploit-db.com/exploits/25121
References (3)
Core 3
Core References
Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12583
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110868948719773&w=2
Exploit, Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=110864983905770&w=2
Scores
EPSS
0.0084
EPSS Percentile
74.7%
Details
CWE
CWE-89
Status
published
Products (1)
guillaumegardey/biborb
1.3.2 (2 CPE variants)
Published
May 02, 2005
Tracked Since
Feb 18, 2026