Description
SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the iPro parameter.
Exploits (2)
exploitdb
WRITEUP
VERIFIED
by Sid3^effects · textwebappsphp
https://www.exploit-db.com/exploits/12462
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/32539
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21833
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23572
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/3062
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31219
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0016
Scores
EPSS
0.0275
EPSS Percentile
86.1%
Details
Status
published
Products (1)
asp_siteware/autodealer
< 2.0
Published
Jan 04, 2007
Tracked Since
Feb 18, 2026