SQL Injection Vulnerability in iTechBids by iTechBids
CVE-2008-0692

Currently unrated

Key Information:

Vendor: Itechscripts
Status: Itechbids
Vendor: CVE Published:; 12 February 2008

🔔 Create Itechscripts Vulnerability Alert

What is CVE-2008-0692?

The iTechBids platform contains a vulnerability in the bidhistory.php file that permits remote attackers to execute arbitrary SQL commands through manipulation of the item_id parameter. This security flaw can lead to unauthorized access to sensitive data, making it essential for users of affected versions to implement necessary updates and security measures to safeguard their systems.

References

https://www.exploit-db.com/exploits/5056

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/27601

vdb-entryx_refsource_BID

http://secunia.com/advisories/28780

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2008
Vulnerability Reserved
Feb 11, 2008