CVE-2009-0429
CVE-2009-0429 covers multiple SQL injection vulnerabilities in Active Bids by ActiveWebSoftwares. The issues permit remote execution of arbitrary SQL through user-supplied input in three vectors: (1) the search parameter to search.asp, (2) the SortDir parameter to auctionsended.asp, and (3) the c...