CVE-2005-3324

MWChat 6.8 - SQL Injection via Username Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3324. PoCs published by rgod.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in MWChat, allowing an attacker to write a malicious PHP file to the server via the 'UNION SELECT ... INTO OUTFILE' technique. The payload executes arbitrary system commands via the 'cmd' GET parameter.

Description

SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · textwebappsphp

https://www.exploit-db.com/exploits/26394

View Code ZIP pw:eip

This exploit demonstrates an SQL injection vulnerability in MWChat, allowing an attacker to write a malicious PHP file to the server via the 'UNION SELECT ... INTO OUTFILE' technique. The payload executes arbitrary system commands via the 'cmd' GET parameter.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: MWChat (version not specified)

No auth needed

Prerequisites: Target must have MWChat installed · Database user must have file write permissions · Target must allow file writes to web directory

MITRE ATT&CK