Multiple SQL injection vulnerabilities in Active Bids allow remote malicious users to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
activewebsoftwares active bids |