CVE-2005-0305

Siteman <1.1.10 - Code Injection

Title source: llm

Description

CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation.

Exploits (2)

exploitdb WORKING POC VERIFIED

by amironline452 · htmlwebappsphp

https://www.exploit-db.com/exploits/25053

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Noam Rathaus · perlwebappsphp

https://www.exploit-db.com/exploits/25052

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/13131

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1012951

[Mailing List] http://marc.info/?l=bugtraq&m=110627350616949&w=2

[Exploit] http://www.securityfocus.com/bid/12304

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18998

[Mailing List] http://marc.info/?l=bugtraq&m=110643320814371&w=2

Scores

EPSS 0.0852

EPSS Percentile 92.4%

Details

Status published

Products (2)

siteman/siteman 1.1.9

siteman/siteman 1.1.10

Published May 02, 2005

Tracked Since Feb 18, 2026