Description
SQL injection vulnerability in category.php in Flinx 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Houssamix · textwebappsphp
https://www.exploit-db.com/exploits/4985
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27448
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0313
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/4985
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39930
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-89
Status
published
Products (1)
flinx/flinx
< 1.3
Published
Jan 29, 2008
Tracked Since
Feb 18, 2026