CVE-2010-4860

SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Date published : 2011-10-05

http://www.exploit-db.com/exploits/15154

http://packetstormsecurity.org/1009-exploits/myphpauction-sql.txt