mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
874 B
874 B
CVE-2005-2062
Description
Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1) default.asp or (2) buyersend.asp, (3) Administrator ID field in admin.asp, E-mail field in (4) advertiserstart.asp or (5) buyer.asp, or Keyword field in search.asp.
POC
Reference
- http://echo.or.id/adv/adv21-theday-2005.txt
- http://marc.info/?l=bugtraq&m=111963341429906&w=2
- https://www.exploit-db.com/exploits/3550
Github
No PoCs found on GitHub currently.