CVE-2008-5605 Information

Description

Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp.

Reference

http://securityreason.com/securityalert/4763 http://www.securityfocus.com/bid/32662 https://exchange.xforce.ibmcloud.com/vulnerabilities/47127 https://exchange.xforce.ibmcloud.com/vulnerabilities/47268 https://www.exploit-db.com/exploits/7357