Unrated severityNVD Advisory· Published Nov 26, 2005· Updated Apr 16, 2026

CVE-2005-3844

Description

SQL injection vulnerability in phpWordPress PHP News and Article Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) poll and (2) category parameters to index.php, and (3) the ctg parameter in an archive action.

Affected products

Phpwordpress/PHP News And Article Manager
cpe:2.3:a:phpwordpress:php_news_and_article_manager:3.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17733nvdVendor Advisory
forum.word-press.net/index.phpnvd
pridels0.blogspot.com/2005/11/phpwordpress-30-sql-inj.htmlnvd
www.osvdb.org/21110nvd
www.securityfocus.com/bid/15582nvd
www.vupen.com/english/advisories/2005/2594nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000