CVE-2008-0692

CVE-2008-0692 describes an SQL injection in the file bidhistory.php of iTechBids 3 Gold and 5.0, allowing remote attackers to execute arbitrary SQL via the item_id parameter. The NVD entry lists a base score of 7.5 (HIGH) with network access, low attack complexity, and no authentication required,...