CVE-2009-0426

DMXReady Classified Listings Manager <1.1 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by ajann · textwebappsasp
https://www.exploit-db.com/exploits/7767

References (4)

Scores

EPSS 0.0038
EPSS Percentile 58.8%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

dmxready/classified_listings_manager

Timeline

Published Feb 05, 2009
Tracked Since Feb 18, 2026