Unrated severityNVD Advisory· Published Dec 1, 2005· Updated Apr 6, 2026

CVE-2005-3937

Description

SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php.

Affected products

Softbizscripts/B2b Trading Marketplace Script
cpe:2.3:a:softbizscripts:b2b_trading_marketplace_script:*:*:*:*:*:*:*:*
Range: <=1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17808nvdThird Party Advisory
pridels0.blogspot.com/2005/11/softbiz-b2b-trading-marketplace-script.htmlnvdBroken Link
www.osvdb.org/21252nvdBroken Link
www.osvdb.org/21253nvdBroken Link
www.osvdb.org/21254nvdBroken Link
www.osvdb.org/21255nvdBroken Link
www.securityfocus.com/bid/15652nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000