CVE-2005-4081

EPSS 1.3%

Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/26707unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://securityreason.com/securityalert/228 https://exchange.xforce.ibmcloud.com/vulnerabilities/23507 http://www.osvdb.org/21622 http://www.securityfocus.com/archive/1/418510/100/0/threaded http://www.securityfocus.com/bid/15699/