CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-7193

Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID or (3) Password to auction/casp/admin.asp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/101075
http://osvdb.org/101076
http://packetstormsecurity.com/files/124441/c2cfac-sql.txt
http://www.securityfocus.com/bid/64329
https://exchange.xforce.ibmcloud.com/vulnerabilities/89752
https://exchange.xforce.ibmcloud.com/vulnerabilities/89755
http://osvdb.org/101075
http://osvdb.org/101076
http://packetstormsecurity.com/files/124441/c2cfac-sql.txt
http://www.securityfocus.com/bid/64329
https://exchange.xforce.ibmcloud.com/vulnerabilities/89752
https://exchange.xforce.ibmcloud.com/vulnerabilities/89755

Products affected by CVE-2013-7193

Etoshop » C2c Forward Auction Creator » Version: 2.0

cpe:2.3:a:etoshop:c2c_forward_auction_creator:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-7193

Products

Pricing

Contact Us