CVE-2005-4419

Honeycomb Archive <3.0 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4419. PoCs published by r0t3d3Vil.

AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in HoneyComb Archive due to improper input sanitization. It includes example URLs demonstrating how an attacker could inject SQL queries into various parameters.

Description

Multiple SQL injection vulnerabilities in CategoryResults.cfm in Honeycomb Archive and Honeycomb Archive Enterprise 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) series, (2) cat_parent, (3) cat, and (4) div parameters.

Exploits (1)

exploitdb WRITEUP VERIFIED

by r0t3d3Vil · textwebappscfm

https://www.exploit-db.com/exploits/26920

View Code ZIP pw:eip

The provided text describes SQL injection vulnerabilities in HoneyComb Archive due to improper input sanitization. It includes example URLs demonstrating how an attacker could inject SQL queries into various parameters.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: HoneyComb Archive (version not specified)

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK