Description
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by Hussin X · textwebappsphp
https://www.exploit-db.com/exploits/6950
exploitdb
WORKING POC
VERIFIED
by Hussin X · textwebappsphp
https://www.exploit-db.com/exploits/6951
exploitdb
WORKING POC
VERIFIED
by Hussin X · textwebappsphp
https://www.exploit-db.com/exploits/6947
exploitdb
WORKING POC
VERIFIED
by Hussin X · textwebappsphp
https://www.exploit-db.com/exploits/6946
References (14)
Core 14
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6947
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2993
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2992
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45128
Exploit x_refsource_misc
http://packetstorm.linuxsecurity.com/0809-exploits/downline-sql.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31169
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6950
Various Sources x_refsource_misc
http://packetstorm.linuxsecurity.com/0809-exploits/categoryaddon-sql.txt
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6951
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2995
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6946
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31812
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2994
Exploit x_refsource_misc
http://packetstormsecurity.org/0809-exploits/newdownline-sql.txt
Scores
EPSS
0.0382
EPSS Percentile
88.2%
Details
CWE
CWE-89
Status
published
Products (5)
downline_goldmine/builder
downline_goldmine/builder
special_category_addon
downline_goldmine/builder
unknown unknown
downline_goldmine/new_addon
downline_goldmine/new_addon
pro
Published
Sep 23, 2008
Tracked Since
Feb 18, 2026