Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Feb 26, 2010· Updated Apr 29, 2026

CVE-2010-0723

CVE-2010-0723

Description

SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

2

Mhproducts/Ero Auktion2 versions
cpe:2.3:a:mhproducts:ero_auktion:2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mhproducts:ero_auktion:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mhproducts:ero_auktion:2010:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

4004securityproject.wordpress.com/2010/02/21/ero-auktion-2010-sql-injection-news-php/nvdExploit
4004securityproject.wordpress.com/2010/02/21/ero-auktion-v-2-0-sql-injection-news-php/nvdExploit
packetstormsecurity.org/1002-exploits/eroauktion20-sql.txtnvdExploit
packetstormsecurity.org/1002-exploits/eroauktion2010-sql.txtnvdExploit
www.exploit-db.com/exploits/11521nvdExploit
www.exploit-db.com/exploits/11522nvdExploit
secunia.com/advisories/38666nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/56446nvd

News mentions

0

No linked articles in our index yet.