CVE-2007-1298

UNRATEDJSON export Create alert

Description

SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.

Affected products

aj_square / ajauction1.0 – 1.0

References

MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/32789
MISChttp://www.securityfocus.com/bid/22808
EXPLOIThttps://www.exploit-db.com/exploits/3408
VENDOR_ADVISORYhttp://secunia.com/advisories/24375
VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/0819
MISChttp://osvdb.org/33826