Description
SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php; (5) the offset parameter to answer.php; (6) the search_item parameter to search.php; or the (7) cat_id, (8) cid, or (9) id parameter to comment.php.
Exploits (4)
References (2)
Mailing List (x_refsource_bugtraq): http://marc.info/?l=bugtraq&m=110868808723487&w=2
Third Party Advisory, VDB Entry (x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/19371
Scores
EPSS: 0.0028
EPSS Percentile: 50.9%
Details
Status: published
Products (1): php_arena/pafaq beta4
Published: Mar 30, 2005
Tracked Since: Feb 18, 2026