CVE-2005-3932

O-Kiraku Nikki <= 1.3 - SQL Injection via day_id Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3932. PoCs published by r0t.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in O-Kiraku Nikki versions 1.3 and prior. It outlines the vulnerability's cause and potential impact but does not include executable exploit code.

Description

SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the day_id parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by r0t · textwebappsphp
https://www.exploit-db.com/exploits/26683

The provided text describes an SQL injection vulnerability in O-Kiraku Nikki versions 1.3 and prior. It outlines the vulnerability's cause and potential impact but does not include executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: O-Kiraku Nikki <= 1.3
No auth needed
Prerequisites: Network access to the target application · Vulnerable version of O-Kiraku Nikki
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/17795
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15657
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2668
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21268

Scores

EPSS 0.0116
EPSS Percentile 63.1%

Details

Status published
Products (1)
o-kiraku_nikki/o-kiraku_nikki 1.3
Published Dec 01, 2005
Tracked Since Feb 18, 2026