CVE-2009-3712
Multiple SQL injection vulnerabilities in Ebay Clone 2009 allow remote attackers to execute arbitrary SQL commands via the 1 userid parameter to feedback.php; and the itemid parameter to 2 viewfullsize.php, 3 classifidead.php, and 4 crosspromoteitems.php...