CVE-2008-0546 Information

Description

Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26 and earlier 4.1.x versions allow remote attackers to execute arbitrary SQL commands via the (1) idProduct and (2) options parameters to (a) ajax/ajax_optInventory.asp or the (2) recid parameter to (b) ajax/ajax_getBrands.asp.

Reference

http://secunia.com/advisories/28662 http://securityreason.com/securityalert/3600 http://www.candypress.com/CPforum/forum_posts.asp?TID=10630&PN=1 http://www.securityfocus.com/archive/1/487058/100/0/threaded http://www.securityfocus.com/bid/27454 http://www.vupen.com/english/advisories/2008/0314 https://exchange.xforce.ibmcloud.com/vulnerabilities/39939 https://www.exploit-db.com/exploits/4988