CVE-2005-1384

phpCoin 1.2.2 - SQL Injection

Title source: llm

Description

Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Dcrab · textwebappsphp
https://www.exploit-db.com/exploits/25569
exploitdb WRITEUP VERIFIED
by Dcrab · textwebappsphp
https://www.exploit-db.com/exploits/25568

References (7)

Scores

EPSS 0.0245
EPSS Percentile 85.0%

Classification

Status draft

Affected Products (3)

coinsoft_technologies/phpcoin
coinsoft_technologies/phpcoin
coinsoft_technologies/phpcoin

Timeline

Published May 03, 2005
Tracked Since Feb 18, 2026