Description

SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Remediation

References

CVE-2008-7119

Related Vulnerabilities

MySQL CVE-2022-21287 Vulnerability (CVE-2022-21287)

Artifactory Missing Authorization Vulnerability (CVE-2019-10322)

Apache HTTP Server Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2001-0131)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310)

PHP multipart/form-data denial of service

Severity

High

Classification

CVE-2008-7119 CWE-138

Tags

Missing Update Known Vulnerabilities