CVE-2007-2959

EPSS 1.2%

SQL injection vulnerability in manufacturer.php in cpCommerce before 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id_manufacturer parameter.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/30101unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/38042 http://securityreason.com/securityalert/2747 https://exchange.xforce.ibmcloud.com/vulnerabilities/34573 http://www.securityfocus.com/archive/1/469910/100/0/threaded http://www.securityfocus.com/bid/24223