CVE-2005-1417

MaxWebPortal - SQL Injection via Multiple Parameters

Title source: llm

Exploitation Summary

EIP tracks 5 public exploits for CVE-2005-1417. PoCs published by s-dalili.

AI-analyzed exploit summary: The provided text describes SQL injection vulnerabilities in MaxWebPortal, specifically in the 'pics_popular.asp' file. It outlines how improper sanitization of user input can lead to data disclosure or modification, but does not include executable exploit code.

Description

Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp.

Exploits (5)

exploitdb WRITEUP VERIFIED
by s-dalili · text · webapps · asp
https://www.exploit-db.com/exploits/25587

The provided text describes SQL injection vulnerabilities in MaxWebPortal, specifically in the 'pics_popular.asp' file. It outlines how improper sanitization of user input can lead to data disclosure or modification, but does not include executable exploit code.

Classification: Writeup 80%
Attack Type: SQLi
Complexity: Trivial
Reliability: Theoretical
Target: MaxWebPortal (version not specified)
No auth needed
Prerequisites: Access to the vulnerable 'pics_popular.asp' endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by s-dalili · text · webapps · asp
https://www.exploit-db.com/exploits/25586

This exploit demonstrates SQL injection in MaxWebPortal by manipulating the 'Links_Popular.asp' parameter to extract admin credentials from the 'PORTAL_MEMBERS' table. The PoC uses a UNION-based attack to bypass authentication and retrieve sensitive data.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: MaxWebPortal (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable 'Links_Popular.asp' endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by s-dalili · text · webapps · asp
https://www.exploit-db.com/exploits/25588

This exploit demonstrates a SQL injection vulnerability in MaxWebPortal by manipulating the 'dl_toprated.asp' parameter to extract admin credentials from the PORTAL_MEMBERS table. The attack leverages a UNION-based SQLi to bypass input sanitization.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: MaxWebPortal (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable 'dl_toprated.asp' endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by s-dalili · text · webapps · asp
https://www.exploit-db.com/exploits/25585

This exploit demonstrates a SQL injection vulnerability in MaxWebPortal's Dl_Popular.asp page. It uses a UNION-based attack to extract admin credentials from the PORTAL_MEMBERS table.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: MaxWebPortal (version not specified)
No auth needed
Prerequisites: Access to the vulnerable Dl_Popular.asp endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb WRITEUP VERIFIED
by s-dalili · text · webapps · asp
https://www.exploit-db.com/exploits/25589

The provided text describes SQL injection vulnerabilities in MaxWebPortal, specifically in the 'custom_link.asp' file with parameters 'TOPIC_ID' and 'Forum_ID'. It lacks executable exploit code but details the vulnerable endpoints and potential impacts.

Classification: Writeup 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Theoretical
Target: MaxWebPortal (version not specified)
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/13466
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/15214
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1013845

Scores

EPSS 0.0246
EPSS Percentile 82.5%

Details

Status published
Products (6)
maxwebportal/maxwebportal 1.3.0
maxwebportal/maxwebportal 1.3.1
maxwebportal/maxwebportal 1.3.2
maxwebportal/maxwebportal 1.3.3
maxwebportal/maxwebportal 1.3.5
maxwebportal/maxwebportal 2.0
Published May 03, 2005
Tracked Since Feb 18, 2026