Unrated severityNVD Advisory· Published May 2, 2005· Updated Apr 16, 2026

CVE-2005-0454

Description

Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php.

Affected products

Dcp Portal/Dcp Portal
cpe:2.3:a:codeworx_technologies:dcp-portal:*:*:*:*:*:*:*:*
Range: <=6.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploitVendor Advisory
www.hackgen.org/advisories/hackgen-2005-003.txtnvdExploitVendor Advisory
glide.stanford.edu/yichen/research/sec.pdfnvd
marc.infonvd
securityreason.com/securityalert/108nvd
www.securityfocus.com/archive/1/419280/100/0/threadednvd
www.securityfocus.com/bid/12573nvd
exchange.xforce.ibmcloud.com/vulnerabilities/19361nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000