CVE-2006-3794

2006-07-2121:00:00

mitre

www.cve.org

8.4 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.6%

JSON

SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the search field. NOTE: the vendor has disputed this issue, stating "if someone were to type in any sql injection code, that code would never be queried.

References

securityreason.com/securityalert/1255

securitytracker.com/id?1016538

www.osvdb.org/28618

www.securityfocus.com/archive/1/440589/100/0/threaded

www.securityfocus.com/archive/1/440848/100/100/threaded

www.securityfocus.com/bid/19074

exchange.xforce.ibmcloud.com/vulnerabilities/27846