Description

SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username.

Remediation

References

CVE-2008-7116

Related Vulnerabilities

WordPress Plugin Chat Cross-Site Scripting (1.0.8)

WordPress Plugin Acunetix Secure WordPress Cross-Site Request Forgery (3.0.2)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32668)

WordPress Plugin Carousel slideshow 'upload.php' Arbitrary File Upload (3.9)

PrestaShop CVE-2018-13784 Vulnerability (CVE-2018-13784)

Severity

High

Classification

CVE-2008-7116 CWE-138

Tags

Missing Update Known Vulnerabilities