Description
SQL injection vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Chip d3 bi0s · textwebappsphp
https://www.exploit-db.com/exploits/9263
References (1)
Core 1
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/9263
Scores
EPSS
0.0023
EPSS Percentile
46.1%
Details
CWE
CWE-89
Status
published
Products (1)
phpsugar/ultimate_regnow_affiliate
3.0
Published
Aug 20, 2009
Tracked Since
Feb 18, 2026