1 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2008-1641 – EfesTECH Video 5.0 - 'catID' SQL Injection
https://notcve.org/view.php?id=CVE-2008-1641
SQL injection vulnerability in default.asp in EfesTECH Video 5.0 allows remote attackers to execute arbitrary SQL commands via the catID parameter. Vulnerabilidad de inyección SQL en default.asp de EfesTECH Video 5.0, permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro catID. • https://www.exploit-db.com/exploits/31582 http://secunia.com/advisories/29611 http://securityreason.com/securityalert/3791 http://www.securityfocus.com/archive/1/490309/100/0/threaded http://www.securityfocus.com/bid/28532 https://exchange.xforce.ibmcloud.com/vulnerabilities/41550 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •