CVE-2005-4429

SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php.

Date published : 2005-12-20

http://www.securityfocus.com/bid/16134

http://pridels0.blogspot.com/2005/11/cs-cart-sql-inj-vuln.html