8.5 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.5%
Multiple SQL injection vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f allow remote attackers to execute arbitrary SQL commands via the (1) idp and (2) category parameters.
secunia.com/advisories/30477
www.securityfocus.com/archive/1/493130/100/0/threaded
www.securityfocus.com/bid/29496
exchange.xforce.ibmcloud.com/vulnerabilities/42811
www.exploit-db.com/exploits/5725