Unrated severityNVD Advisory· Published Dec 11, 2005· Updated Apr 16, 2026
CVE-2005-4170
CVE-2005-4170
Description
SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- archives.neohapsis.com/archives/bugtraq/2005-11/0301.htmlnvdExploitVendor Advisory
- rgod.altervista.org/efiction2_xpl.htmlnvdExploitVendor Advisory
- secunia.com/advisories/17777nvdExploitVendor Advisory
- securitytracker.com/idnvdExploit
- www.securityfocus.com/bid/15568nvdExploit
- www.efiction.wallflowergirl.com/forums/viewtopic.phpnvd
- www.osvdb.org/21122nvd
- www.vupen.com/english/advisories/2005/2606nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/23373nvd
News mentions
0No linked articles in our index yet.