CVE-2008-4175 Information

Description

Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.

Reference

http://secunia.com/advisories/31853 http://securityreason.com/securityalert/4299 http://www.securityfocus.com/bid/31191 https://exchange.xforce.ibmcloud.com/vulnerabilities/45153 https://exchange.xforce.ibmcloud.com/vulnerabilities/45155 https://www.exploit-db.com/exploits/6466