CVE-2005-0907

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 02/05/05 - Updated on 05/09/08

Description

Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2005-0907

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
valdersoftshopping_cart

Share this vulnerability with:

Twitter Facebook LinkedIn Mail