Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
etoshop c2c forward auction creator 2.0 |