RSS   Vulnerabilities for 'Estore'   RSS

2003-08-18
 
CVE-2003-0586

 

 
Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php.

 
 
CVE-2003-0585

 

 
SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to bypass authentication and execute arbitrary SQL code via the (1) user or (2) pass parameters.

 


Copyright 2019, cxsecurity.com

 

Back to Top