CVE-2005-1361

Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.

Date published : 2005-04-28

http://www.securityfocus.com/bid/13376

http://www.securityfocus.com/bid/13377