CVE-2025-15443

A vulnerability was identified in CRMEB up to 5.6.1. This issue affects some unknown processing of the file /adminapi/product/productexport. Such manipulation of the argument cateid leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. T...

CVE-2025-15442

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-15442

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CRMEB SQL注入漏洞

CRMEB is a Java mall system of CRMEB open source. A SQL injection vulnerability exists in CRMEB 5.6.1 and earlier versions, which stems from the incorrect operation of the parameter cateid in the file /adminapi/export/productlist, which may lead to SQL injection attacks...

EUVD-2007-1295

Malware in sbrugna...

EUVD-2008-3399

Malware in sbrugna...

EUVD-2009-2418

Malware in sbrugna...

CVE-2025-11288

A security flaw has been discovered in CRMEB up to 5.6. This issue affects some unknown processing of the file /adminapi/product/product of the component GET Parameter Handler. Performing a manipulation of the argument cateid results in sql injection. Remote exploitation of the attack is possible...

Sql injection

Multiple SQL injection vulnerabilities in ITechBids 8.0 allow remote attackers to execute arbitrary SQL commands via the 1 userid parameter to feedback.php, 2 cateid parameter to category.php, 3 id parameter to news.php, and 4 productid parameter to itechd.php. NOTE: the sellersothersitem.php,...

Auction Website Script SQL Injection

0000000000000000000000000000000000 000000000000000000000 00000000000000000000000000000000000 0000000000000000 00000000000000000000000000000000 + Auction Website Script cateid SQL Injection Vulnerability + Software : Auction Website Script + Author : 599eme Man + Contact : [email protected] + Thanks :...

Sql injection

SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cateid parameter in a list action...

CVE-2009-2423

CVE-2009-2423 describes an SQL injection in the Ebay Clone 2009 project, specifically in category.php via the cate_id parameter in a list action, allowing remote attackers to execute arbitrary SQL commands. The vulnerability affects the web application as described in the CVE entry; underlying de...

CVE-2008-3413

The CVE-2008-3413 entry concerns a SQL injection vulnerability in category.php of Greatclone GC Auction Platinum, exploitable via the cate_id parameter to allow remote attackers to execute arbitrary SQL commands. Public references corroborate the vulnerability and its classification as SQL inject...

CVE-2008-3413

SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cateid parameter...

Sql injection

SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cateid parameter...

AJ Auction Web 2.0 - 'cate_id' SQL Injection

Auction Web 2.0 SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = hussin.xathotmailDoTcom = = ========================================================= HomE script :...

Sql injection

SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows remote attackers to execute arbitrary SQL commands via the cateid parameter...

CVE-2007-1298

SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows remote attackers to execute arbitrary SQL commands via the cateid parameter...

CVE-2006-4323

CVE-2006-4323 involves an SQL injection in CityForFree’s indexcity 1.0 product, specifically the vulnerable script is list.php. The underlying issue occurs when magic_quotes_gpc is disabled, allowing an attacker to inject arbitrary SQL through the cate_id parameter. Connected documents corroborat...