Sql injection

2011-11-0221:55:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.6%

SQL injection vulnerability in addsale.php in iScripts eSwap 2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.

CPENameOperatorVersion
eswapeq2.0

CPE	Name	Operator	Version
	eswap	eq	2.0

References

packetstormsecurity.org/1006-exploits/iscriptsewap-sqlxss.txt

securityreason.com/securityalert/8522

www.securityfocus.com/bid/40597

www.vupen.com/english/advisories/2010/1360

exchange.xforce.ibmcloud.com/vulnerabilities/59147

www.exploit-db.com/exploits/13740/