CVE-2005-3953

Bedeng Psp - SQL Injection

Title source: rule

Description

SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php.

Exploits (3)

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26611

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26610

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26609

View Code ZIP pw:eip

References (6)

Core 6

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15583

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17760

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21175

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21176

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21174

Third Party Advisory x_refsource_misc

http://pridels0.blogspot.com/2005/11/bedengpsp-sql-inj-vuln.html

Scores

EPSS 0.0051

EPSS Percentile 66.4%

Details

Status published

Products (1)

bedeng_psp/bedeng_psp 1.1

Published Dec 01, 2005

Tracked Since Feb 18, 2026