CVE-2005-4140

Website Baker - SQL Injection

Title source: rule

Description

SQL injection vulnerability in admin/login/index.php in Website Baker 2.6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter, as used by the user field.

Exploits (1)

exploitdb WORKING POC VERIFIED
by rgod · phpwebappsphp
https://www.exploit-db.com/exploits/1363

References (9)

Scores

EPSS 0.0239
EPSS Percentile 85.1%

Details

Status published
Products (2)
website_baker/website_baker 2.5.2
website_baker/website_baker 2.6
Published Dec 09, 2005
Tracked Since Feb 18, 2026