1 results (0.001 seconds)
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2008-4786 – e107 Plugin EasyShop - 'category_id' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2008-4786
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. Vulnerabilidad de inyección de SQL en easyshop.php del plugin EasyShop para e107 permite a un atacante remoto ejecutar comandos SQL de su elección por medio del parámetro category_id. • https://www.exploit-db.com/exploits/6852 http://securityreason.com/securityalert/4531 http://www.securityfocus.com/bid/31948 https://exchange.xforce.ibmcloud.com/vulnerabilities/46147 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •