CVE-2008-4458

EPSS 1.0%

SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencepacketstorm.linuxsecurity.com/0809-exploits/ephpb2b-sql.txtunverified exploitdbwww.exploit-db.com/exploits/32346unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstorm.linuxsecurity.com/0809-exploits/ephpb2b-sql.txt http://secunia.com/advisories/31795 https://exchange.xforce.ibmcloud.com/vulnerabilities/44975 http://www.securityfocus.com/archive/1/496186/100/0/threaded http://www.securityfocus.com/bid/31072