CVE-2005-1074

RadScripts RadBids Gold 2 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1074. PoCs published by Dcrab.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in RadBids Gold v2, including SQL injection, arbitrary file disclosure, and cross-site scripting. It includes an example SQL injection payload but lacks executable exploit code.

Description

SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to execute arbitrary SQL commands via the mode parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Dcrab · textwebappsphp

https://www.exploit-db.com/exploits/25370

View Code ZIP pw:eip

The provided text describes multiple vulnerabilities in RadBids Gold v2, including SQL injection, arbitrary file disclosure, and cross-site scripting. It includes an example SQL injection payload but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Sqli | Xss | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: RadBids Gold v2

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK