Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-0429.3. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ActiveWebSoftwares Active Bids 多个SQL注入漏洞
Vulnerability Description
ActiveWebSoftwares Active Bids中存在多个SQL注入漏洞,远程攻击者可以借助(1)对默认URI的PATH_INFO中的catid参数或(2)对default.asp的catid参数执行任意SQL指令。注意:信息起源未知,细节可以从第三方信息单独获得。
CVSS Information
N/A
Vulnerability Type
N/A