CVE-2005-0907

Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:valdersoft:shopping_cart:3.0:*:*:*:*:*:*:*

History

20 Nov 2024, 23:56

Type Values Removed Values Added
References () http://securitytracker.com/id?1013565 - Exploit, Patch () http://securitytracker.com/id?1013565 - Exploit, Patch
References () http://www.securityfocus.com/archive/1/394406/2005-03-26/2005-04-01/2 - Exploit, Vendor Advisory () http://www.securityfocus.com/archive/1/394406/2005-03-26/2005-04-01/2 - Exploit, Vendor Advisory

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:56


NVD link : CVE-2005-0907

Mitre link : CVE-2005-0907

CVE.ORG link : CVE-2005-0907


JSON object : View

Products Affected

valdersoft

  • shopping_cart