Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote malicious users to execute arbitrary SQL commands via (1) the login field (aka the username parameter), and possibly (2) the password field, to index.php. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
2daybiz auction script |