CVE-2005-0932

Published: May 2, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order.

Affected (3)

Products: Coinsoft Technologies: Phpcoin

Coinsoft Technologies

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Coinsoft Technologies Phpcoin	Version 1.2.1
Coinsoft Technologies Phpcoin	Version 1.2.1b
Coinsoft Technologies Phpcoin	Version 1.2

References (4)

http://www.gulftech.org/?node=research&article_id=00065-03292005

Source: cve@mitre.org

http://www.securityfocus.com/bid/12917

Source: cve@mitre.org

Exploit

http://www.gulftech.org/?node=research&article_id=00065-03292005

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/12917

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.