ASP A.ShopKart 2.0 Database Disclosure

======================================================================================== | Title : ASP a.shopKart 2.0 DB Download Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Web Site : www.iq-ty.com ...

CVE-2006-2823

Katrien De Graeve a.shopKart 2.0 aka ashopKart20 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 admin/scart.mdb and possibly 2 admin/scart97.mdb...

CVE-2006-2823

Katrien De Graeve a.shopKart 2.0 aka ashopKart20 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 admin/scart.mdb and possibly 2 admin/scart97.mdb...

CVE-2003-1268

CVE-2003-1268 affects a.shopKart 2.0.3. Three SQL injection flaws exist in addcustomer.asp, addprod.asp, and process.asp that allow remote attackers to execute arbitrary SQL and access sensitive data via the zip, state, country, phone, and fax parameters. CVSS base score 7.5 (HIGH); impact includ...

a.shopKart Shopping Cart remote vulnerabilities

Centaura Technologies Security Research Lab Advisory Product Name: a.shopKart Web Shopping Cart Systems: Windows NT/2000/.NET Server Severity: High Risk Remote: Yes Category: Insuficient input checking Vendor URL: http://www.urlogy.com Advisory Author: Ignacio Vazquez Advisory URL:...