CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-6874

HIGH
7.5
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile24.75th
Published2009年7月24日
Last Modified2026年4月23日

Vulnerability Description

Multiple SQL injection vulnerabilities in ASP SiteWare autoDealer 1 and 2 allow remote attackers to execute arbitrary SQL commands via the iType parameter in (1) Auto1/type.asp or (2) auto2/type.asp.

Affected Platforms (CPE)

📦
Aspsiteware

Autodealer

= 1.0
📦
Aspsiteware

Autodealer

= 2.0

References & Advisories

🔗 http://secunia.com/advisories/23572
🔗 http://www.securityfocus.com/bid/32812
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47365
🔗 https://www.exploit-db.com/exploits/7463
🔗 http://secunia.com/advisories/23572
🔗 http://www.securityfocus.com/bid/32812
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47365
🔗 https://www.exploit-db.com/exploits/7463

関連する脆弱性情報

CVE-2007-00537.5

SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote attackers to execute arbitrary ...

CVE-2008-40737.5

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL comma...

CVE-2008-40747.5

SQL injection vulnerability in index.php in Zanfi Autodealers CMS AutOnline allows remote attackers to execute arbitrary SQL comma...

CVE-2008-55957.5

SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID p...