Описание
Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php.
Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3914
- http://pridels0.blogspot.com/2005/11/affcommerce-multiple-sql-inj.html
- http://secunia.com/advisories/17690
- http://www.osvdb.org/21070
- http://www.osvdb.org/21071
- http://www.osvdb.org/21072
- http://www.securityfocus.com/bid/15545
- http://www.vupen.com/english/advisories/2005/2550
EPSS
Процентиль: 74%
0.00832
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php.
EPSS
Процентиль: 74%
0.00832
Низкий