CVE-2024-35409

WeBid 1.1.2 is vulnerable to SQL Injection via admin/tax.php.

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

References

Link	Resource
https://github.com/ixpqxi/CVE_LIST/blob/master/WeBid_sqli/WeBid_v1.1.2_sql_injection_vulnerability.md	Exploit Third Party Advisory
https://github.com/ixpqxi/CVE_LIST/blob/master/WeBid_sqli/WeBid_v1.1.2_sql_injection_vulnerability.md	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:webidsupport:webid:1.1.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-05-22 14:15

Updated : 2025-05-28 19:59

NVD link : CVE-2024-35409

Mitre link : CVE-2024-35409

CVE.ORG link : CVE-2024-35409

JSON object : View

Products Affected

webidsupport

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')