CVE-2005-4554

DEV web management system <1.5 - SQL Injection

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-4554. PoCs published by [email protected], rgod.

AI-analyzed exploit summary: This exploit demonstrates a SQL injection vulnerability in Dev Web Management System. The PoC uses a UNION-based SQLi to extract the admin password from the 'variables1' table.

Description

Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php.

Exploits (3)

exploitdb WORKING POC VERIFIED
by [email protected] · text · webapps · php
https://www.exploit-db.com/exploits/26976

This exploit demonstrates a SQL injection vulnerability in Dev Web Management System. The PoC uses a UNION-based SQLi to extract the admin password from the 'variables1' table.

Classification: Working PoC 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Dev Web Management System 1.5 and earlier
No auth needed
Prerequisites: Target application must be running Dev Web Management System 1.5 or earlier · The 'getfile.php' endpoint must be accessible
devstral-2 · analyzed Feb 16, 2026

exploitdb WRITEUP VERIFIED
by [email protected] · text · webapps · php
https://www.exploit-db.com/exploits/26977

The provided text describes SQL injection and XSS vulnerabilities in Dev Web Management System 1.5 and earlier, with an example URL demonstrating SQL injection via the 'target' parameter. No actual exploit code is present.

Classification: Writeup 80%
Attack Type: SQLi
Complexity: Trivial
Reliability: Theoretical
Target: Dev Web Management System <= 1.5
No auth needed
Prerequisites: Access to the vulnerable endpoint
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by rgod · php · webapps · php
https://www.exploit-db.com/exploits/1387

This exploit targets a SQL injection vulnerability in Dev <=1.5, specifically in the 'cat' parameter, to disclose the admin MD5 password hash. It bypasses magic_quotes_gpc and includes functionality for proxy support and detailed output formatting.

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Dev <=1.5
No auth needed
Prerequisites: Target must be running Dev <=1.5 · SQL injection vulnerability in 'cat' parameter must be present
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23898
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/22041
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/22042
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16063
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18239
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015410
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/22040
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/420253/100/0/threaded

Scores

EPSS 0.0385
EPSS Percentile 88.8%

Details

Status published
Products (1)
dev/dev_web_management_system 1.5
Published Dec 28, 2005
Tracked Since Feb 18, 2026