CVE-2008-0546

NONECVSS 0.0

0.0

Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp, or the (2) recid parameter to (b) ajax/ajax_getBrands.asp.

🔗 References (16)

cve@mitrehttp://secunia.com/advisories/28662
cve@mitrehttp://securityreason.com/securityalert/3600
cve@mitrehttp://www.candypress.com/CPforum/forum_posts.asp?TID=10630&PN=1
cve@mitrehttp://www.securityfocus.com/archive/1/487058/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/27454
cve@mitrehttp://www.vupen.com/english/advisories/2008/0314
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/39939
cve@mitrehttps://www.exploit-db.com/exploits/4988
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28662
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3600
af854a3a-2127-422b-91ae-364da2661108http://www.candypress.com/CPforum/forum_posts.asp?TID=10630&PN=1
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/487058/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27454
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0314
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/39939

Is Your Infrastructure Affected by CVE-2008-0546?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-0546

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-0546?