CVE-2009-4229
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via 1 the catid parameter in the PATHINFO to the default URI or 2 the catid parameter to default.asp. NOTE: this might overlap CVE-2009-0429.3. NOTE: the provenance of...