Description
SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers to inject data via the fields of a CSV file.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by RedTeam Pentesting · textwebappsphp
https://www.exploit-db.com/exploits/25101
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.redteam-pentesting.de/advisories/rt-sa-2005-004.txt
Mailing List mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031709.html
Scores
EPSS
0.0097
EPSS Percentile
76.8%
Details
Status
published
Products (1)
citrusdb/citrusdb
< 0.3.6
Published
Feb 14, 2005
Tracked Since
Feb 18, 2026