2008-12-17 18:30:00 2017-09-29 03:32:43

SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.