CVE-2005-0725

Wf-sections - SQL Injection

Title source: rule

Description

SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php.

Exploits (3)

exploitdb WORKING POC

perlwebappsphp

https://www.exploit-db.com/exploits/3646

View on exploitdb

exploitdb WORKING POC

perlwebappsphp

https://www.exploit-db.com/exploits/3644

View on exploitdb

exploitdb WORKING POC

htmlwebappsphp

https://www.exploit-db.com/exploits/3645

View on exploitdb

References (2)

[Mailing List] http://marc.info/?l=bugtraq&m=111049618519821&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/19660

Scores

EPSS 0.0033

EPSS Percentile 55.6%

Classification

Status draft

Affected Products (1)

wf-sections/wf-sections

Timeline

Published Mar 08, 2005

Tracked Since Feb 18, 2026