CVE-2005-3953 in Bedeng PSPinfo

Summary

by MITRE

SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL commands via the cwhere parameter to (1) index.php and (2) download.php, or (3) ckode parameter to baca.php.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 04/06/2025

The CVE-2005-3953 vulnerability represents a critical sql injection flaw in Bedeng PSP 1.1 web application software that exposes multiple attack vectors for remote code execution. This vulnerability specifically targets three distinct php endpoints including index.php, download.php, and baca.php where user input is improperly sanitized before being incorporated into sql queries. The affected parameters cwhere and ckode serve as primary entry points for malicious actors to manipulate database operations through crafted sql payloads that bypass normal input validation mechanisms.

This vulnerability aligns with CWE-89 which categorizes sql injection as a fundamental weakness in software design where untrusted data is directly incorporated into sql command strings without proper sanitization or parameterization. The attack surface extends across multiple application modules, demonstrating a systemic failure in input handling that affects the core database interaction logic of the bedeng psp application. The vulnerability operates at the application layer where user-supplied parameters are concatenated directly into sql statements, creating opportunities for attackers to inject malicious sql code that executes with the privileges of the database user account.

The operational impact of CVE-2005-3953 is severe and multifaceted, potentially allowing remote attackers to gain unauthorized access to sensitive data, modify database contents, or execute administrative commands on the underlying database system. Attackers can leverage this vulnerability to extract confidential information, manipulate user accounts, or even escalate privileges within the application environment. The fact that multiple endpoints are affected increases the attack surface significantly and provides attackers with alternative pathways to achieve their objectives. This vulnerability directly maps to several ATT&CK techniques including T1190 for exploitation of vulnerabilities, T1071.004 for application layer protocol usage, and T1566 for credential access through exploitation of software vulnerabilities.

Mitigation strategies for this vulnerability require immediate implementation of parameterized queries or prepared statements to prevent sql injection attacks, along with comprehensive input validation and sanitization across all user-supplied parameters. The application should implement proper access controls and privilege separation to minimize potential damage from successful exploitation attempts. Additionally, regular security audits and code reviews should be conducted to identify and remediate similar vulnerabilities in other application components. Network segmentation and intrusion detection systems can provide additional layers of protection by monitoring for suspicious sql injection patterns and anomalous database access patterns that may indicate exploitation attempts. Organizations should also ensure that all software components are regularly updated and patched to address known vulnerabilities and maintain a robust security posture against evolving threats.

Reservation

12/01/2005

Disclosure

12/01/2005

Moderation

accepted

Entry

VDB-27232

CPE

ready

Exploit

Download

EPSS

0.01290

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!