CVE-2008-5638
Active Price Comparison 4 - SQL Injection
Title source: llmDescription
Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter to reviews.aspx or the (2) linkid parameter to links.asp.
Exploits (1)
References (4)
Scores
EPSS
0.0049
EPSS Percentile
65.4%
Details
CWE
CWE-89
Status
published
Products (1)
activewebsoftwares/active_price_comparison
4.0
Published
Dec 17, 2008
Tracked Since
Feb 18, 2026