Exploitation Summary
EIP tracks 4 public exploits for CVE-2005-0475. PoCs published by pi3ch.
AI-analyzed exploit summary: The provided text describes an SQL injection vulnerability in paFAQ Beta4, where the 'search_item' parameter in the URL is not properly sanitized. The example URL demonstrates a basic SQLi attempt using a single quote, but no actual exploit code is included.
Description
SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php.
Exploits (4)
The provided text describes an SQL injection vulnerability in paFAQ Beta4, where the 'search_item' parameter in the URL is not properly sanitized. The example URL demonstrates a basic SQLi attempt using a single quote, but no actual exploit code is included.
The provided text describes an SQL injection vulnerability in paFAQ Beta4, detailing multiple attack vectors via unsanitized input in the 'orderby', 'order', and 'limit' parameters. No actual exploit code is present, only example URLs demonstrating the vulnerability.
The provided text describes an SQL injection vulnerability in paFAQ Beta4, with example URLs demonstrating how unsanitized input in the 'cat_id', 'cid', and 'id' parameters can be exploited. No actual exploit code is present.
The provided text describes an SQL injection vulnerability in paFAQ Beta4, where the 'offset' parameter in the URL is not properly sanitized. The example URL demonstrates a basic SQLi attempt but lacks executable exploit code.