CVE-2005-3004

Interakt MX Shop 3.2.0 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by David Sopas Ferreira · textwebappsphp

https://www.exploit-db.com/exploits/26284

View Code ZIP pw:eip

References (5)

Core 5

Core References

Various Sources x_refsource_misc

http://www.systemsecure.org/ssforum/viewtopic.php?t=250

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014932

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14876

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/19611

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/22328

Scores

EPSS 0.0056

EPSS Percentile 68.3%

Details

Status published

Products (1)

interakt/mx_shop 3.2.0

Published Sep 21, 2005

Tracked Since Feb 18, 2026