7 matches found
EUVD-2007-5806
Malware in sbrugna...
Sql injection
SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
CVE-2007-5836
SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
CVE-2007-5836
CVE-2007-5836 documents a SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart. The affected component/entry points are an unspecified component via the firstname parameter (and related references indicate a similar issue via the search field). The root cause is SQL injection all...
CVE-2007-5836
SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary SQL commands via the firstname parameter to an unspecified component, a different issue than CVE-2006-3794. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
CVE-2006-3794
SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the search field. NOTE: the vendor has disputed this issue, stating "if someone were to type in any sql injection code, that code would never be queried...
CVE-2006-3800
CVE-2006-3800 describes a cross-site scripting (XSS) vulnerability in the Amazing Flash AFCommerce Shopping Cart. The issue allows remote attackers to inject arbitrary web script or HTML via the “new review” text box. Documents do not specify affected versions, root cause details beyond the input...