CVE-2005-2985

AEwebworks aeDating Script <4.0 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2985. PoCs published by alexsrb.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in AEwebworks aeDating by injecting a UNION-based payload into the 'Country' parameter. The lack of input sanitization allows attackers to manipulate SQL queries, potentially leading to data disclosure or modification.

Description

SQL injection vulnerability in search_result.php in AEwebworks aeDating Script 4.0 and earlier allows remote attackers to execute arbitrary SQL statements via the Country parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by alexsrb · textwebappsphp
https://www.exploit-db.com/exploits/26263

This exploit demonstrates an SQL injection vulnerability in AEwebworks aeDating by injecting a UNION-based payload into the 'Country' parameter. The lack of input sanitization allows attackers to manipulate SQL queries, potentially leading to data disclosure or modification.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: AEwebworks aeDating
No auth needed
Prerequisites: Access to the vulnerable search_result.php endpoint
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16831/
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/14847
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112681800009262&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/22301

Scores

EPSS 0.0116
EPSS Percentile 63.5%

Details

Status published
Products (2)
aewebworks/aedating 3.2
aewebworks/aedating 4.0
Published Sep 20, 2005
Tracked Since Feb 18, 2026