Description

SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username.

Remediation

References

CVE-2008-7116

Related Vulnerabilities

WordPress 3.8.4 Multiple Vulnerabilities (3.8 - 3.8.4)

Atlassian Confluence Unauthenticated Remote Code Execution Vulnerability (CVE-2022-26134)

Ruby Improper Authentication Vulnerability (CVE-2017-10784)

WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.38)

Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)

Severity

High

Classification

CVE-2008-7116 CWE-138

Tags

Missing Update Known Vulnerabilities