CVE-2005-4461

Beehive Forum <0.6.2 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4461. PoCs published by trueend5.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in Beehive Forum 0.6.2, where unsanitized input in the 'user_sess' parameter can be exploited to bypass authentication. Example URLs are given to demonstrate the vulnerability, but no actual exploit code is present.

Description

SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_sess parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by trueend5 · textwebappsphp
https://www.exploit-db.com/exploits/27165

The provided text describes an SQL injection vulnerability in Beehive Forum 0.6.2, where unsanitized input in the 'user_sess' parameter can be exploited to bypass authentication. Example URLs are given to demonstrate the vulnerability, but no actual exploit code is present.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Beehive Forum 0.6.2
No auth needed
Prerequisites: Access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16521
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/419988/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/284
Various Sources x_refsource_misc
http://kapda.ir/advisory-158.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/21955

Scores

EPSS 0.0127
EPSS Percentile 65.9%

Details

Status published
Published Dec 21, 2005
Tracked Since Feb 18, 2026