Lucene search
MitreCVE-2009-3712HistoryOct 16, 2009 - 4:30 p.m.
CVE-2009-3712
2009-10-1616:30:01
CWE-89
mitre
web.nvd.nist.gov
24
sql injection
ebay clone 2009
remote attackers
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.001
Percentile
39.7%
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the (1) user_id parameter to feedback.php; and the item_id parameter to (2) view_full_size.php, (3) classifide_ad.php, and (4) crosspromoteitems.php.
Affected configurations
Node
ebayclonescriptebay_cloneMatch2009
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ebayclonescript | ebay_clone | 2009 | cpe:2.3:a:ebayclonescript:ebay_clone:2009:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2009-10-16 16:30:00
cvelist
cvelist
CVE-2009-3712
2009-10-16 16:00:00
exploitdb
exploitdb
Ebay Clone 2009 - Multiple SQL Injections
2009-07-11 00:00:00
nvd
nvd
CVE-2009-3712
2009-10-16 16:30:01
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.5
Confidence
Low
EPSS
0.001
Percentile
39.7%
Related for CVE-2009-3712