CVE-2005-3937

Softbiz B2b Trading Marketplace Script < 1.1 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php.

Exploits (5)

exploitdb WORKING POC VERIFIED

by AnGrY BoY · textwebappsphp

https://www.exploit-db.com/exploits/10656

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26669

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26672

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26671

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by r0t · textwebappsphp

https://www.exploit-db.com/exploits/26670

View Code ZIP pw:eip

References (7)

Core 7

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21254

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15652

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21252

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17808

Third Party Advisory x_refsource_misc

http://pridels0.blogspot.com/2005/11/softbiz-b2b-trading-marketplace-script.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21255

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/21253

Scores

EPSS 0.0082

EPSS Percentile 74.5%

Details

Status published

Products (2)

softbiz/b2b_trading_marketplace_script < 1.1

softbizscripts/b2b_trading_marketplace_script < 1.1

Published Dec 01, 2005

Tracked Since Feb 18, 2026