CVE-2004-2108
8.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.1%
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp.
References
marc.info/?l=bugtraq&m=107488132208229&w=2
secunia.com/advisories/10704
securitytracker.com/alerts/2004/Jan/1008837.html
www.osvdb.org/3698
www.osvdb.org/3699
www.osvdb.org/3700
www.osvdb.org/3701
www.osvdb.org/3702
www.osvdb.org/3703
www.osvdb.org/3704
www.osvdb.org/3705
www.osvdb.org/3706
www.s-quadra.com/advisories/Adv-20040123.txt
www.securityfocus.com/bid/9481
exchange.xforce.ibmcloud.com/vulnerabilities/14922
8.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.1%