CVE-2005-2062

2005-06-29T04:00:00
ID CVE-2005-2062
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:30:00

Description

Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buyer.asp, or Keyword field in search.asp.