Lucene search
MitreCVELIST:CVE-2008-0546HistoryFeb 01, 2008 - 7:41 p.m.
CVE-2008-0546
2008-02-0119:41:00
mitre
www.cve.org
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp.
References
secunia.com/advisories/28662
securityreason.com/securityalert/3600
www.candypress.com/CPforum/forum_posts.asp?TID=10630&PN=1
www.securityfocus.com/archive/1/487058/100/0/threaded
www.securityfocus.com/bid/27454
www.vupen.com/english/advisories/2008/0314
exchange.xforce.ibmcloud.com/vulnerabilities/39939
www.exploit-db.com/exploits/4988
Related
prion
prion
Sql injection
2008-02-01 20:00:00
cve
cve
CVE-2008-0546
2008-02-01 20:00:00
nvd
nvd
CVE-2008-0546
2008-02-01 20:00:00