CVE-2005-0454

N/A Unknown

Published: May 02, 2005 Modified: April 16, 2026

Description

Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://glide.stanford.edu/yichen/research/sec.pdf

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110858497207809&w=2

Source: cve@mitre.org

http://securityreason.com/securityalert/108

Source: cve@mitre.org

http://securitytracker.com/id?1013216

Source: cve@mitre.org

Exploit Vendor Advisory

http://www.hackgen.org/advisories/hackgen-2005-003.txt

Source: cve@mitre.org

Exploit Vendor Advisory

http://www.securityfocus.com/archive/1/419280/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/12573

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/19361

Source: cve@mitre.org

http://glide.stanford.edu/yichen/research/sec.pdf