This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Web Development House | First view | 2009-07-13 |
| Product | Alibaba Clone | Last view | 2009-07-13 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:web_development_house:alibaba_clone:*:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2009-07-13 | CVE-2009-2439 | Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 55786 | Alibaba Clone supplier/view_contact_details.php SellerID Parameter SQL Injection |
| 55785 | Alibaba Clone category.php IndustryID Parameter SQL Injection |
