Multiple SQL injection vulnerabilities in ProductCart Ecommerce before 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) idcategory parameter to viewPrd.asp, (2) lid parameter to editCategories.asp, (3) icd parameter to modCustomCardPaymentOpt.asp, or (4) idccr parameter to OptionFieldsEdit.asp.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-06-14T04:00:00
Updated: 2024-08-07T22:06:57.814Z
Reserved: 2005-06-14T00:00:00
Link: CVE-2005-1967
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2005-06-16T04:00:00.000
Modified: 2008-09-05T20:50:32.867
Link: CVE-2005-1967
Redhat
No data.