CVE-2010-1924

Phpscripte24 Live Shopping Multi Portal System - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allows remote attackers to execute arbitrary SQL commands via the artikel parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Easy Laster · rubywebappsphp

https://www.exploit-db.com/exploits/12545

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/39718

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/58392

[Exploit] http://www.exploit-db.com/exploits/12545

[Exploit] http://www.securityfocus.com/bid/40040

[Third Party Advisory, VDB Entry] http://osvdb.org/64512

Scores

EPSS 0.0016

EPSS Percentile 36.2%

Details

CWE

CWE-89

Status published

Products (1)

phpscripte24/live_shopping_multi_portal_system

Published May 12, 2010

Tracked Since Feb 18, 2026