Description

SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username.

Remediation

References

CVE-2008-7116

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2003-0017)

WordPress Plugin Rich Reviews Cross-Site Scripting (1.7.4)

Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7565)

WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.9)

WordPress Plugin Simple Link Directory PHP Object Injection (5.5.0)

Severity

High

Classification

CVE-2008-7116 CWE-138

Tags

Missing Update Known Vulnerabilities