Description

SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username.

Remediation

References

CVE-2008-7116

Related Vulnerabilities

Jenkins Improper Input Validation Vulnerability (CVE-2017-1000394)

SharePoint CVE-2021-31181 Vulnerability (CVE-2021-31181)

WordPress Plugin SP Project & Document Manager Arbitrary File Upload (4.22)

Python Use After Free Vulnerability (CVE-2018-1000030)

WordPress Plugin iThemes Security (formerly Better WP Security) Unspecified Vulnerability (6.9.0)

Severity

High

Classification

CVE-2008-7116 CWE-138

Tags

Missing Update Known Vulnerabilities