CVE-2005-4656

TClanPortal <1.1.3 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Devil-00 · perlwebappsphp

https://www.exploit-db.com/exploits/1273

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20305

[Vendor Advisory] http://secunia.com/advisories/17324

[Third Party Advisory] http://www.vupen.com/english/advisories/2005/2187

[Exploit] http://downloads.securityfocus.com/vulnerabilities/exploits/TClanPortal_sql_inj.pl

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/22869

[Exploit] http://www.securityfocus.com/bid/15173

Scores

EPSS 0.0136

EPSS Percentile 80.2%

Details

Status published

Products (1)

triggertg/tclanportal 1.1.3

Published Dec 31, 2005

Tracked Since Feb 18, 2026