2 matches found
CVE-2004-0300
SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via 1 the cat parameter in shop.php, 2 the id parameter in more.php, 3 the catmanufacturer parameter in shopbybrand.php, or 4 the id parameter in listing.php...
CVE-2004-0300
The CVE-2004-0300 entry concerns Ecommerce Corporation Online Store Kit 3.0. The vulnerability is a SQL injection in multiple parameters: cat in shop.php, id in more.php, cat_manufacturer in shop_by_brand.php, and id in listing.php. This allows remote attackers to inject arbitrary SQL and gain un...