PHP.Labs.Top.Auction.search.php.SQL.Injection

Description

This indicates a possible exploit of a SQL injection vulnerability in Top Auction. The issue is due to the search.php script not properly sanitizing user-supplied input to the "searchterm" variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
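
As an added example (not the IPS signature's logic and not Top Auction code), the following sketch reviews web-server access logs for requests to search.php whose decoded "searchterm" value looks like SQL syntax. The log lines, rule names and patterns are constructed assumptions, and only GET query strings are examined.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not taken from any real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /search.php?searchterm=antique+clock HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /search.php?searchterm=%27+OR+1%3D1--+ HTTP/1.1" 200 20480',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /search.php?searchterm=x%27%20UNION%20SELECT%20null HTTP/1.1" 500 312',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /item.php?id=7 HTTP/1.1" 200 900',
    '192.0.2.14 - - [01/Jan/2024:10:00:15 +0000] "GET /search.php?searchterm=O%27Brien+vase HTTP/1.1" 200 4100',
]

# Pulls the request target out of a combined-format log line.
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Hypothetical heuristics, applied to the URL-decoded parameter value.
SUSPICIOUS = [
    ("quote-then-boolean", re.compile(r"['\"]\s*(?:or|and)\b", re.I)),
    ("union-select", re.compile(r"\bunion\b.{0,20}\bselect\b", re.I | re.S)),
    ("sql-comment", re.compile(r"(?:--\s|--$|/\*)")),
    ("stacked-query", re.compile(r";\s*(?:select|insert|update|delete|drop)\b", re.I)),
]


def scan(lines):
    """Return (line_number, decoded_value, [rule names]) for flagged requests."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        # Only the script named in the description is of interest here.
        if not url.path.lower().endswith("/search.php"):
            continue
        # parse_qs percent-decodes and turns '+' into a space before matching.
        for value in parse_qs(url.query).get("searchterm", []):
            hits = [name for name, rx in SUSPICIOUS if rx.search(value)]
            if hits:
                findings.append((n, value, hits))
    return findings


if __name__ == "__main__":
    for n, value, hits in scan(SAMPLE_LOG):
        print(f"line {n}: searchterm={value!r} matched {hits}")
```

A lone apostrophe, as in the last sample line, is not flagged, which keeps ordinary search terms out of the results.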

Affected Products

Top Auction (www.phplabs.com).

Impact

Data compromise.

Recommended Actions

Apply appropriate patch from the vendor if available.

Coverage

IPS (Regular DB)
IPS (Extended DB)
