CVE-2008-6887

Preprojects Pre Classified Listings - SQL Injection

Title source: rule

Description

SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Pouya_Server · textwebappsasp

https://www.exploit-db.com/exploits/32609

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit x_refsource_misc

http://packetstormsecurity.org/0812-exploits/preclass-sqlxss.txt

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32566

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/47006

Scores

EPSS 0.0029

EPSS Percentile 52.3%

Details

CWE

CWE-89

Status published

Products (1)

preprojects/pre_classified_listings 1.0

Published Aug 03, 2009

Tracked Since Feb 18, 2026