Description
Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.
Exploits (1)
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56570
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38771
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0494
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/11592
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/62626
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38470
Scores
EPSS
0.0028
EPSS Percentile
51.7%
Details
CWE
CWE-89
Status
published
Products (1)
scriptsfeed/business_directory_software
Published
Mar 24, 2010
Tracked Since
Feb 18, 2026