Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://marc.info/?l=bugtraq&m=111454090503662&w=2 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2005-04-28T04:00:00
Updated: 2024-08-07T21:44:06.450Z
Reserved: 2005-04-28T00:00:00
Link: CVE-2005-1362

No data.

Status : Modified
Published: 2005-05-02T04:00:00.000
Modified: 2024-11-20T23:57:10.320
Link: CVE-2005-1362

No data.