RSS   Podatności dla 'Metacart2'   RSS

2005-05-02
 
CVE-2005-1363

 
 
Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp.

 
 
CVE-2005-1362

 
 
Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp.

 

 >>> Vendor: Metalinks 5 Produkty
Metacart2.sql
Metacart
Metacart e-shop
Metacart2
Metabid auctions

Copyright 2024, cxsecurity.com

 

Back to Top