Unrated severityNVD Advisory· Published Dec 1, 2005· Updated Apr 16, 2026

CVE-2005-3952

Description

SQL injection vulnerability in PHP Labs Top Auction allows remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters to viewcat.php, or (3) certain search parameters. NOTE: later a disclosure reported the affected version as 1.0.

Affected products

Php Labs/Top Auction
cpe:2.3:a:php_labs:top_auction:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17687nvdVendor Advisory
www.vupen.com/english/advisories/2005/2552nvdVendor Advisory
pridels0.blogspot.com/2005/11/top-auction-multiple-sql-vuln.htmlnvd
www.osvdb.org/21105nvd
www.osvdb.org/21106nvd
www.securityfocus.com/archive/1/466565/100/200/threadednvd
www.securityfocus.com/archive/1/466569/100/200/threadednvd
www.securityfocus.com/bid/15547nvd
www.exploit-db.com/exploits/3456nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000