CVE-2005-0252

BibORB 1.3.2 - SQL Injection via Username or Password

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0252. PoCs published by Patrick Hof.

AI-analyzed exploit summary This exploit demonstrates SQL injection and authentication bypass vulnerabilities in BibORB 1.3.2 and earlier. It provides crafted username and password inputs to bypass authentication by manipulating SQL queries.

Description

SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Patrick Hof · textwebappsphp
https://www.exploit-db.com/exploits/25121

This exploit demonstrates SQL injection and authentication bypass vulnerabilities in BibORB 1.3.2 and earlier. It provides crafted username and password inputs to bypass authentication by manipulating SQL queries.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: BibORB 1.3.2 and earlier
No auth needed
Prerequisites: Access to the BibORB login interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12583
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110868948719773&w=2
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=110864983905770&w=2

Scores

EPSS 0.0186
EPSS Percentile 76.5%

Details

CWE
CWE-89
Status published
Products (1)
guillaumegardey/biborb 1.3.2 (2 CPE variants)
Published May 02, 2005
Tracked Since Feb 18, 2026