SQL Injection Vulnerability in PHP Labs Top Auction 1.0: Remote Code Execution

CVE-2005-3952 · HIGH Severity

AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in PHP Labs Top Auction allows remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters to viewcat.php, or (3) certain search parameters. NOTE: a later disclosure reported the affected version as 1.0.