CVE-2010-0693

CommodityRentals Trade Manager Script - SQL Injection

Title source: llm

Description

SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by JaMbA · textwebappsphp

https://www.exploit-db.com/exploits/11412

View Code ZIP pw:eip

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/62294

Exploit x_refsource_misc

http://packetstormsecurity.org/1002-exploits/trademanager-sql.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/56223

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/38556

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/11412

Scores

EPSS 0.0050

EPSS Percentile 66.3%

Details

CWE

CWE-89

Status published

Products (1)

commodityrentals/trade_manager_script

Published Feb 23, 2010

Tracked Since Feb 18, 2026