CVE-2005-2675

Land Down Under 800 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2005-2675. PoCs published by matrix_killer, bl2k.

AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in 'Land Down Under' software, with example URLs demonstrating unsanitized input in the 'c' parameter. No actual exploit code is present, only a vulnerability description and proof-of-concept URLs.

Description

Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter to forums.php, (3) o, (4) w, (5) s, or (6) p parameter to list.php, (7) m parameter to journal.php, (8) x or (9) n parameter to forums.php, or (10) w parameter to links.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.

Exploits (5)

exploitdb WRITEUP VERIFIED
by matrix_killer · textwebappsphp
https://www.exploit-db.com/exploits/26207

The provided text describes SQL injection vulnerabilities in 'Land Down Under' software, with example URLs demonstrating unsanitized input in the 'c' parameter. No actual exploit code is present, only a vulnerability description and proof-of-concept URLs.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Land Down Under (version unspecified)
No auth needed
Prerequisites: Network access to the target application · Vulnerable version of Land Down Under
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by bl2k · textwebappsphp
https://www.exploit-db.com/exploits/26179

The provided text describes SQL injection vulnerabilities in 'Land Down Under' software, with example URLs demonstrating unsanitized input in query parameters. No actual exploit code is present, only advisory details.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Land Down Under (version unspecified)
No auth needed
Prerequisites: Network access to the vulnerable application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by bl2k · textwebappsphp
https://www.exploit-db.com/exploits/26177

The provided text describes a SQL injection vulnerability in 'Land Down Under' software, where unsanitized input in the 'w' parameter of 'links.php' can be exploited. The example URL demonstrates a basic SQLi payload but lacks executable code.

Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Land Down Under (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by bl2k · textwebappsphp
https://www.exploit-db.com/exploits/26178

The provided text describes SQL injection vulnerabilities in 'Land Down Under' software, detailing vulnerable parameters in journal.php. It includes example URLs demonstrating the injection points but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Land Down Under (version unspecified)
No auth needed
Prerequisites: Network access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by bl2k · textwebappsphp
https://www.exploit-db.com/exploits/26180

The provided code is a writeup describing SQL injection vulnerabilities in 'Land Down Under' software. It includes example URLs demonstrating unsanitized input in SQL queries but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Land Down Under (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112456235729717&w=2
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1014747
Various Sources x_refsource_misc
http://www.neocrome.net
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/14618

Scores

EPSS 0.0117
EPSS Percentile 63.4%

Details

Status published
Products (1)
neocrome/land_down_under 800
Published Aug 23, 2005
Tracked Since Feb 18, 2026