Aggregates CVE and security vulnerability intelligence across all alibabaclone-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk sql injection; exposure may include vendor impact data exposure in vendor surface software deployment and vendor surface production workloads contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-4849 | SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B 3.4 allows remote attackers to execute arbitrary SQL commands via the es_id parameter. | [email protected] | 7.5 | 0.23% | 2011-09-27 | 2026-04-29 |
| CVE-2010-1744 | SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 1.61% | 2010-05-06 | 2026-04-29 |
| CVE-2010-1726 | SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 0.72% | 2010-05-06 | 2026-04-29 |
| CVE-2010-1725 | SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 0.72% | 2010-05-06 | 2026-04-29 |
| CVE-2009-3504 | SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | [email protected] | 7.5 | 0.34% | 2009-09-30 | 2026-04-23 |