CVE-2009-3203

UNRATEDJSON export Create alert

Description

SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

ajsquare / aj_auction_pro-oopd2.0 – 2.0

References

VENDOR_ADVISORYhttp://secunia.com/advisories/36369
MISChttp://osvdb.org/57159
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/52527
EXPLOIThttp://packetstormsecurity.org/0908-exploits/ajauctionoopd2-sql.txt