CVE-2009-2423

Ebay Clone 2009 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/9118

View on exploitdb

References (2)

[Exploit] http://packetstorm.linuxsecurity.com/0907-exploits/ebayclone2009-sqlxss.txt

[Vendor Advisory] http://secunia.com/advisories/35713

Scores

EPSS 0.0025

EPSS Percentile 47.8%

Classification

CWE

CWE-89

Status draft

Affected Products (1)

ebayclonescript/ebay_clone

Timeline

Published Jul 10, 2009

Tracked Since Feb 18, 2026