CVE-2005-3925

Central Manchester CLC Helpdesk Issue Manager <= 0.9 - SQL Injection via Multiple Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-3925. PoCs published by r0t3d3Vil.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in Helpdesk Issue Manager 0.9 and prior versions. It includes a generic example URL demonstrating the vulnerability but lacks executable exploit code.

Description

Multiple SQL injection vulnerabilities in Central Manchester CLC Helpdesk Issue Manager 0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) detail[], (2) orderdir, and (3) orderby parameters to find.php, and the (4) id parameter to issue.php.

Exploits (2)

exploitdb WRITEUP VERIFIED
by r0t3d3Vil · textwebappsphp
https://www.exploit-db.com/exploits/26637

The provided text describes a SQL injection vulnerability in Helpdesk Issue Manager 0.9 and prior versions. It includes a generic example URL demonstrating the vulnerability but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Helpdesk Issue Manager 0.9 and prior
No auth needed
Prerequisites: Network access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by r0t3d3Vil · textwebappsphp
https://www.exploit-db.com/exploits/26638

The provided text describes SQL injection vulnerabilities in Helpdesk Issue Manager 0.9 and prior versions. It includes example URLs demonstrating how an attacker could inject SQL queries via the 'detail', 'orderby', and 'orderdir' parameters.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Helpdesk Issue Manager 0.9 and prior
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21114
Exploit, Vendor Advisory vdb-entry x_refsource_osvdb
http://www.osvdb.org/21115
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15604
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17714
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2589

Scores

EPSS 0.0129
EPSS Percentile 66.5%

Details

Status published
Products (9)
helpdesk_issue_manager/helpdesk_issue_manager 0.1
helpdesk_issue_manager/helpdesk_issue_manager 0.2
helpdesk_issue_manager/helpdesk_issue_manager 0.3
helpdesk_issue_manager/helpdesk_issue_manager 0.4
helpdesk_issue_manager/helpdesk_issue_manager 0.5
helpdesk_issue_manager/helpdesk_issue_manager 0.6
helpdesk_issue_manager/helpdesk_issue_manager 0.7
helpdesk_issue_manager/helpdesk_issue_manager 0.8
helpdesk_issue_manager/helpdesk_issue_manager 0.9
Published Nov 30, 2005
Tracked Since Feb 18, 2026