CVE-2005-1779

Maxwebportal - SQL Injection

Title source: rule

Description

SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Alpha_Programmer · perlwebappsasp

https://www.exploit-db.com/exploits/1010

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by mh_p0rtal · phpwebappsasp

https://www.exploit-db.com/exploits/1011

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Soroush Dalili · textwebappsasp

https://www.exploit-db.com/exploits/1012

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://securitytracker.com/id?1014048

[Vendor Advisory] http://secunia.com/advisories/15511

Scores

EPSS 0.0026

EPSS Percentile 49.6%

Details

Status published

Products (4)

maxwebportal/maxwebportal 1.35

maxwebportal/maxwebportal 1.36

maxwebportal/maxwebportal 2.0

maxwebportal/maxwebportal 2005-04-18

Published May 31, 2005

Tracked Since Feb 18, 2026