Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-1779

Published: 31/05/2005 Updated: 05/09/2008
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 765
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Maxwebportal

Vulnerability Summary

SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote malicious users to execute arbitrary SQL commands via the memKey parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

maxwebportal maxwebportal 1.36

maxwebportal maxwebportal 2005-04-18

maxwebportal maxwebportal 1.35

maxwebportal maxwebportal 2.0

Exploits

Exploit DB: Maxwebportal 1.36 - 'Password.asp' Change Password (2) (PHP)
<?php /* ------Trap-Set Underground Hacking Team-----------------mh_p0rtal---------------------- Greetz to : Alpha_programmer , Oil_karchack , Str0ke And Iranian Hacking & Security Teams : Alphast , IHS Team , Shabgard Security Team , Emperor Hacking TEam , CrouZ Security Team , Simorgh-ev Security Team ----------------Discovered by: s ...
Exploit DB: Maxwebportal 1.36 - 'Password.asp' Change Password (1) (HTML)
<!-- Hi, I'm Soroush Dalili from Grayhatz Security Group (GSG) I found dangerous sql injection in Maxwebportal version 135,136,20, 20050418 Next Remote user can inject his/her code in "memKey" var and change other users password in passwordasp Exploit codes to proof: --> -----------------Code Start-----Version 135 and older-------- ...
Exploit DB: Maxwebportal 1.36 - 'Password.asp' Change Password (3) (Perl)
#!/usr/bin/perl ################################################################# # T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m ################################################################# # EXPLOIT FOR - MAX Portal (All Versions) # #Exploit By : A l p h a _ P r o g r a m m e r ( Sirus-v ); #E-Mail : Alpha_Programmer@ ...

References

NVD-CWE-Otherhttp://securitytracker.com/id?1014048http://secunia.com/advisories/15511https://nvd.nist.govhttps://www.exploit-db.com/exploits/1011/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook