CVE-2005-2108

WordPress <= 1.5.1.2 - SQL Injection via HTTP_RAW_POST_DATA

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2108. PoCs published by GulfTech Security.

AI-analyzed exploit summary This Perl script exploits an SQL injection vulnerability in WordPress 1.5.1.2 via the XMLRPC interface to extract user password hashes and execute arbitrary commands as the web server user.

Description

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GulfTech Security · perlwebappsphp

https://www.exploit-db.com/exploits/1077

View Code ZIP pw:eip

This Perl script exploits an SQL injection vulnerability in WordPress 1.5.1.2 via the XMLRPC interface to extract user password hashes and execute arbitrary commands as the web server user.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WordPress 1.5.1.2

No auth needed

Prerequisites: XMLRPC interface enabled · Valid post ID or pingback

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/15831

Exploit, Vendor Advisory x_refsource_misc

http://www.gulftech.org/?node=research&article_id=00085-06282005

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=112006967221438&w=2

Scores

EPSS 0.0932

EPSS Percentile 94.7%

Details

Status published

Products (7)

wordpress/wordpress 1.0

wordpress/wordpress 1.0.1

wordpress/wordpress 1.0.2

wordpress/wordpress 1.2

wordpress/wordpress 1.5

wordpress/wordpress 1.5.1

wordpress/wordpress 1.5.1.2

Published Jul 05, 2005

Tracked Since Feb 18, 2026