CVE-2007-5261

2007-10-0617:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.001

Percentile

49.5%

JSON

Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.

References

www.securityfocus.com/bid/25895

exchange.xforce.ibmcloud.com/vulnerabilities/36927

www.exploit-db.com/exploits/4480