2 matches found
CVE-2009-2424
CVE-2009-2424 affects Ebay Clone 2009 where the XSS vulnerability is caused by an injection in the search.php mode parameter. The impact is the ability to execute arbitrary script/HTML in the victim’s browser. Public references confirm the issue, and an exploit is listed by Exploit DB (per CIRCL ...
CVE-2009-2894
CVE-2009-2894 affects Ebay Clone 2009, with multiple SQL injection flaws that allow remote attackers to alter the database by supplying crafted values to (1) id in product_desc.php and (2) cid in showcategory.php and (3) gallery.php. Root cause: improper input handling enabling SQL commands to be...