CVE-2005-1161

2005-05-02T00:00:00
ID CVE-2005-1161
Type cve
Reporter NVD
Modified 2017-07-10T21:32:33

Description

Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp.