CVE-2006-6111
CVE-2006-6111 covers multiple SQL injection flaws in Alan Ward A-CART Pro 2.0: remote SQL commands via productid in product.asp or via search in search.asp. The category.asp vector is addressed by CVE-2004-1873 (SQLi via catcode). Connected sources confirm a separate legacy issue (CVE-2004-1873) ...