5 matches found

Openbugbounty
added 2017/07/04 12:9 p.m. · 6 views

mrpet.co.il XSS vulnerability

Vulnerable URL: http://www.mrpet.co.il/category.asp?producerid====33=33==1"...

AI score: 6.9
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. · 29 views

Alan Ward A-Cart 2.0 category.asp catcode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/9997/info Reportedly A-Cart is prone to multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input prior to its use in SQL queries and generati...

AI score: 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. · 28 views

A-CART 2.0 category.asp catcode Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21166/info A-Cart is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...

AI score: 7.1
Exploits: 0
CVE
added 2005/05/10 4:0 a.m. · 44 views

CVE-2004-1873

The CVE-2004-1873 entry concerns SQL injection in category.asp of A-CART Pro 2.0 and A-CART 2.0. The root cause is improper handling of the catcode parameter in category.asp, enabling remote attackers to gain privileges. Connected PT-2004-2772 provides concrete remediation guidance: update the ca...

CVSS: 7.5 · AI score: 8.3 · EPSS: 0.02817
Exploits: 1 · References: 11 · Affected Software: 1
Positive Technologies
added 2004/12/31 12:0 a.m. · 2 views

PT-2004-2772 · A Cart · A-Cart Pro +1

Name of the Vulnerable Software and Affected Versions: A-CART Pro version 2.0; A-CART version 2.0
Description: The issue allows remote attackers to gain privileges via the catcode parameter in the "category.asp" file.
Recommendations: For A-CART Pro version 2.0, update the category.asp file to...

CVSS: 7.5 · AI score: 6.8 · EPSS: 0.02817
Exploits: 1 · References: 14