CVE-2005-0409

CitrusDB < 0.3.6 - Unauthenticated Sensitive Information Exposure via Import/Upload Endpoints

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-0409. PoCs published by RedTeam Pentesting.

AI-analyzed exploit summary This exploit leverages an access validation vulnerability in CitrusDB during CSV file uploads, allowing unauthenticated file upload and potential SQL injection or path disclosure. The provided curl command demonstrates the issue by bypassing credential verification.

Description

CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.php, which allows remote attackers to upload credit card data and obtain sensitive information such as the pathnames for temporary files that store credit card data, and facilitates the exploitation of other vulnerabilities.

Exploits (2)

exploitdb WORKING POC VERIFIED
by RedTeam Pentesting · textwebappsphp
https://www.exploit-db.com/exploits/25100

This exploit leverages an access validation vulnerability in CitrusDB during CSV file uploads, allowing unauthenticated file upload and potential SQL injection or path disclosure. The provided curl command demonstrates the issue by bypassing credential verification.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: CitrusDB 0.3.6
No auth needed
Prerequisites: Access to the target CitrusDB instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by RedTeam Pentesting · textwebappsphp
https://www.exploit-db.com/exploits/25099

This exploit leverages an authentication bypass vulnerability in CitrusDB to upload CSV files without proper credential verification, potentially leading to path disclosure or SQL injection. The provided curl command demonstrates the issue by bypassing authentication via a crafted cookie.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: CitrusDB 0.3.6
No auth needed
Prerequisites: Access to the target CitrusDB instance · Curl or similar HTTP client
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.redteam-pentesting.de/advisories/rt-sa-2005-003.txt

Scores

EPSS 0.0566
EPSS Percentile 92.0%

Details

Status published
Products (1)
citrusdb/citrusdb < 0.3.6
Published Feb 14, 2005
Tracked Since Feb 18, 2026