CVE-2009-2439
Last modified
CVE-2009-2439 is a vulnerability of currently unknown severity. Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group.. EPSS estimates a 1.00% chance of exploitation in the next 30 days.
Description
Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Web Development House | Alibaba Clone | All versions |
References
- http://secunia.com/advisories/35741Vendor Advisory
- http://www.vupen.com/english/advisories/2009/1838Vendor Advisory
- http://secunia.com/advisories/35741Vendor Advisory
- http://www.vupen.com/english/advisories/2009/1838Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-2439?
How severe is CVE-2009-2439?
How do I fix CVE-2009-2439?
Are you affected by CVE-2009-2439?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST