← back
CVE-2008-3238

CVE-2008-3238

EPSS 1.2%
Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/6069unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/31084http://securityreason.com/securityalert/4015https://exchange.xforce.ibmcloud.com/vulnerabilities/43759https://www.exploit-db.com/exploits/6069http://www.securityfocus.com/bid/30215http://www.vupen.com/english/advisories/2008/2107/references