CVE-2009-2894

Name of the Vulnerable Software and Affected Versions: Ebay Clone 2009

Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the id parameter to "product desc.php", and the cid parameter to "showcategory.php" and "gallery.php".

Recommendations: For Ebay Clone 2009, consider restricting access to the product desc.php, showcategory.php, and gallery.php scripts until a patch is available. As a temporary workaround, avoid using the id and cid parameters in the affected API endpoints until the issue is resolved.