CVE-2011-0510

Awbs Advanced Webhost Billing System < 2.9.2 - SQL Injection

Title source: rule

Description

SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an add_other action.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ShivX · textwebappsphp

https://www.exploit-db.com/exploits/16003

View Code ZIP pw:eip

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/64726

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/16003

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42944

Scores

EPSS 0.0120

EPSS Percentile 79.1%

Details

CWE

CWE-89

Status published

Products (43)

awbs/advanced_webhost_billing_system 2.0

awbs/advanced_webhost_billing_system 2.0.1

awbs/advanced_webhost_billing_system 2.0.2

awbs/advanced_webhost_billing_system 2.0.3

awbs/advanced_webhost_billing_system 2.0.4

awbs/advanced_webhost_billing_system 2.0.5

awbs/advanced_webhost_billing_system 2.0.6

awbs/advanced_webhost_billing_system 2.1.0

awbs/advanced_webhost_billing_system 2.1.1

awbs/advanced_webhost_billing_system 2.1.2

... and 33 more

Published Jan 20, 2011

Tracked Since Feb 18, 2026