CVE-2005-2067

asp-nuke - SQL Injection via article.asp articleid Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2067. PoCs published by mh_p0rtal.

AI-analyzed exploit summary This exploit targets a SQL injection vulnerability in ASPNuke ASP Portal, allowing an attacker to reset the admin password by injecting a malicious SQL query via the 'articleid' parameter.

Description

SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mh_p0rtal · perlwebappsasp

https://www.exploit-db.com/exploits/1070

View Code ZIP pw:eip

This exploit targets a SQL injection vulnerability in ASPNuke ASP Portal, allowing an attacker to reset the admin password by injecting a malicious SQL query via the 'articleid' parameter.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: ASPNuke ASP Portal

No auth needed

Prerequisites: Target must be running ASPNuke ASP Portal with vulnerable configuration

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/18215

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111989828622112&w=2

Third Party Advisory, VDB Entry x_refsource_misc

http://downloads.securityfocus.com/vulnerabilities/exploits/ASPNuke-0601-sql.txt

Scores

EPSS 0.0114

EPSS Percentile 62.4%

Details

Status published

Products (1)

asp-nuke/asp-nuke

Published Jun 29, 2005

Tracked Since Feb 18, 2026