Описание
Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp.
Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-7193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89752
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89755
- http://osvdb.org/101075
- http://osvdb.org/101076
- http://packetstormsecurity.com/files/124441/c2cfac-sql.txt
- http://www.securityfocus.com/bid/64329
Связанные уязвимости
nvd
около 12 лет назад
Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp.