Unrated severityNVD Advisory· Published Dec 28, 2005· Updated Apr 16, 2026

CVE-2005-4554

Description

Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php.

Affected products

Dev/Dev Web Management System
cpe:2.3:a:dev:dev_web_management_system:1.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

rgod.altervista.org/dev_15_sql_xpl.htmlnvdExploit
secunia.com/advisories/18239nvdExploitVendor Advisory
securitytracker.com/idnvdExploit
www.securityfocus.com/bid/16063nvdExploit
www.osvdb.org/22040nvd
www.osvdb.org/22041nvd
www.osvdb.org/22042nvd
www.securityfocus.com/archive/1/420253/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/23898nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000