CyberSec.Space Logo
Back to CVE Browser

CVE-2008-6874

HIGH
7.5
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile24.75th
PublishedJul 24, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.

Affected Platforms (CPE)

πŸ“¦
Aspsiteware

Autodealer

= 1.0
πŸ“¦
Aspsiteware

Autodealer

= 2.0

References & Advisories

πŸ”— http://secunia.com/advisories/23572
πŸ”— http://www.securityfocus.com/bid/32812
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/47365
πŸ”— https://www.exploit-db.com/exploits/7463
πŸ”— http://secunia.com/advisories/23572
πŸ”— http://www.securityfocus.com/bid/32812
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/47365
πŸ”— https://www.exploit-db.com/exploits/7463

Related Vulnerabilities

CVE-2007-00537.5

SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary ...

CVE-2008-40737.5

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL comma...

CVE-2008-40747.5

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL comma...

CVE-2008-55957.5

SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID p...