CVE-2008-3238
ITechBids 7.0 Gold - SQL Injection via seller_id, productid, or id Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-3238. PoCs published by Encrypt3d.M!nd.
AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in ITechBids 7.0 Gold, including XSS and SQL injection. The PoC provides specific URLs with payloads to exploit these vulnerabilities.
Description
Multiple SQL injection vulnerabilities in ITechBids 7.0 Gold allow remote attackers to execute arbitrary SQL commands via (1) the seller_id parameter in sellers_othersitem.php, (2) the productid parameter in classifieds.php, and (3) the id parameter in shop.php.
Exploits (1)
This exploit demonstrates multiple vulnerabilities in ITechBids 7.0 Gold, including XSS and SQL injection. The PoC provides specific URLs with payloads to exploit these vulnerabilities.