CVE-2005-0935

Esmi Paypal Storefront - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php.

Exploits (2)

exploitdb WRITEUP VERIFIED

by Dcrab · textwebappsphp

https://www.exploit-db.com/exploits/25279

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Dcrab · bashwebappsphp

https://www.exploit-db.com/exploits/25278

View Code ZIP pw:eip

References (7)

[Mailing List] http://marc.info/?l=bugtraq&m=111221890614271&w=2

[Vendor Advisory] http://secunia.com/advisories/14711

[Exploit] http://securitytracker.com/id?1013563

[Exploit] http://www.hackerscenter.com/Archive/view.asp?id=1774

[Exploit] http://www.securityfocus.com/bid/12903

[Third Party Advisory, VDB Entry] http://www.osvdb.org/15057

[Third Party Advisory, VDB Entry] http://www.osvdb.org/15058

Scores

EPSS 0.0153

EPSS Percentile 81.4%

Details

Status published

Products (1)

esmi/paypal_storefront 1.7

Published May 02, 2005

Tracked Since Feb 18, 2026