Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitpackDcrabEXPLOITPACK:9B3B4AC9D53A29534FBE3BA572349260
HistoryApr 06, 2005 - 12:00 a.m.

Active Auction House - default.asp Multiple SQL Injections

2005-04-0600:00:00
Dcrab
6
JSON

Active Auction House - default.asp Multiple SQL Injections

source: https://www.securityfocus.com/bid/13032/info

Active Auction House is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. 

http://www.example.com/activeauctionsuperstore/default.asp?Sortby=ItemName&SortDir='SQL_INJECTION
http://www.example.com/activeauctionsuperstore/default.asp?Sortby='SQL_INJECTION
JSON