Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-4246. PoCs published by r0t.
AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in Plogger due to improper input sanitization. The example URL demonstrates how an attacker could inject malicious SQL queries via the 'id' parameter.
Description
SQL injection vulnerability in Plogger Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php and (2) page parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by r0t · textwebappsphp
https://www.exploit-db.com/exploits/26793
The provided text describes a SQL injection vulnerability in Plogger due to improper input sanitization. The example URL demonstrates how an attacker could inject malicious SQL queries via the 'id' parameter.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
Plogger (version not specified)
No auth needed
Prerequisites:
Access to the vulnerable Plogger application
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15839
Third Party Advisory x_refsource_misc
http://pridels0.blogspot.com/2005/12/plogger-sqlxss-vuln.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/21710
Various Sources x_refsource_confirm
http://masendav.com/~duke/PloggerChanges_files/FileComparisonReport5.html
Scores
EPSS
0.0114
EPSS Percentile
62.3%
Details
CWE
CWE-89
Status
published
Products (1)
plogger/plogger
Published
Dec 14, 2005
Tracked Since
Feb 18, 2026