Exploitation Summary
EIP tracks 5 public exploits for CVE-2005-3938. PoCs published by r0t.
AI-analyzed exploit summary: The provided text describes a SQL injection vulnerability in Softbiz FAQ 1.1 and prior versions, where the 'id' parameter in 'refer_friend.php' is not properly sanitized. No actual exploit code is included, only a description and example URL.
Description
SQL injection vulnerability in Softbiz FAQ Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php.
Exploits (5)
The provided text describes a SQL injection vulnerability in Softbiz FAQ 1.1 and prior versions, where the 'id' parameter in 'refer_friend.php' is not properly sanitized. No actual exploit code is included, only a description and example URL.
The provided text describes a SQL injection vulnerability in Softbiz FAQ 1.1 and prior versions. It explains the vulnerability and provides a sample URL for exploitation but does not include actual exploit code.
The provided text describes a SQL injection vulnerability in Softbiz FAQ 1.1 and prior versions, where the 'cid' parameter in the URL is not properly sanitized. This allows attackers to inject malicious SQL queries, potentially compromising the application or underlying database.
The provided text describes a SQL injection vulnerability in Softbiz FAQ 1.1 and prior versions, where the 'id' parameter in 'faq_qanda.php' is not properly sanitized. This allows attackers to manipulate SQL queries, potentially leading to unauthorized data access or modification.
The provided text describes a SQL injection vulnerability in Softbiz FAQ 1.1 and prior versions. It explains the vulnerability but does not include functional exploit code.