Описание
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-5036
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59147
- http://packetstormsecurity.org/1006-exploits/iscriptsewap-sqlxss.txt
- http://securityreason.com/securityalert/8522
- http://www.exploit-db.com/exploits/13740
- http://www.securityfocus.com/bid/40597
- http://www.vupen.com/english/advisories/2010/1360
Связанные уязвимости
nvd
больше 14 лет назад
SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.