Vulnerability Details CVE-2017-17621
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://packetstormsecurity.com/files/145331/Multivendor-Penny-Auction-Clone-Script-1.0-SQL-Injection.html
- https://packetstormsecurity.com/files/145333/Multivendor-Penny-Auction-Clone-Script-1.0-SQL-Injection.html
- https://www.exploit-db.com/exploits/43290/
- https://packetstormsecurity.com/files/145331/Multivendor-Penny-Auction-Clone-Script-1.0-SQL-Injection.html
- https://packetstormsecurity.com/files/145333/Multivendor-Penny-Auction-Clone-Script-1.0-SQL-Injection.html
- https://www.exploit-db.com/exploits/43290/
Products affected by CVE-2017-17621
-
Multivendor Penny Auction Clone Script Project » Multivendor Penny Auction Clone Script » Version: 1.0cpe:2.3:a:multivendor_penny_auction_clone_script_project:multivendor_penny_auction_clone_script:1.0