CVE-2010-4632

by Fred · 30/12/2010

Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.

Date published : 2010-12-30

http://www.securityfocus.com/bid/44698

http://www.exploit-db.com/exploits/15448

CVE-2010-4632

Related

Recent Posts

Categories

Latest CWE

CVE-2010-4632

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE