Description
SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters.
Affected products
- avalon_ltd / maxtrade1.0.1 – 1.0.1
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/1581
- MISChttp://www.securityfocus.com/bid/17765
- MISChttp://pridels0.blogspot.com/2006/04/maxtrade-sql-inj.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/19876
- MISChttp://www.osvdb.org/25122
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/26171