Unrated severityNVD Advisory· Published Jul 13, 2009· Updated Jun 16, 2026
CVE-2009-2439
CVE-2009-2439
Description
Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote attackers to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a product that was developed by a third party; it is not associated with alibaba.com or the Alibaba Group.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:web_development_house:alibaba_clone:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:web_development_house:alibaba_clone:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3- packetstormsecurity.org/0907-exploits/alibabaclone-sql.txtnvdExploit
- secunia.com/advisories/35741nvdVendor Advisory
- www.vupen.com/english/advisories/2009/1838nvdVendor Advisory
News mentions
0No linked articles in our index yet.