Vulnerabilities (CVE)

Filtered by vendor Activewebsoftwares Subscribe
Filtered by product Active Auction House
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4437 1 Activewebsoftwares 1 Active Auction House 2024-11-21 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in Active Auction House 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to wishlist.asp and the (2) linkid parameter to links.asp. NOTE: vector 1 might overlap CVE-2005-1029.1.