CVE-2008-3136

AShop Deluxe 4.x - SQL Injection

Title source: llm

Description

SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by n0c0py · perlwebappsphp
https://www.exploit-db.com/exploits/5976

References (4)

Scores

EPSS 0.0041
EPSS Percentile 61.6%

Details

CWE
CWE-89
Status published
Products (1)
ashopsoftware/ashop_deluxe 4
Published Jul 10, 2008
Tracked Since Feb 18, 2026