CVE-2005-4213

Coinsoft Technologies Phpcoin - SQL Injection

Title source: rule

Description

SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote attackers to execute arbitrary SQL commands via the phpcoinsessid cookie.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1370

View Code ZIP pw:eip

References (9)

[Exploit, Vendor Advisory] http://rgod.altervista.org/phpcoin122.html

[Exploit] http://www.securityfocus.com/bid/15830

[Third Party Advisory, VDB Entry] http://www.osvdb.org/21725

[Exploit] http://rgod.altervista.org/phpcoin_122_sql_xpl.html

[Various Sources] http://forums.phpcoin.com/index.php?showtopic=5469

[Vendor Advisory] http://secunia.com/advisories/18030

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/419382/100/0/threaded

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2888

[Exploit] http://securitytracker.com/id?1015345

Scores

EPSS 0.0200

EPSS Percentile 83.7%

Details

Status published

Products (1)

coinsoft_technologies/phpcoin 1.2.2

Published Dec 14, 2005

Tracked Since Feb 18, 2026