2 matches found
Sql injection
Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the 1 user and 2 pass fields, different vectors than CVE-2007-0092...
CVE-2007-0092
CVE-2007-0092 affects E-SMARTCART 1.0: SQL injection in productdetail.asp via the product_id parameter allows remote execution of arbitrary SQL commands. The linked NVD entry reports a HIGH base CVSS v2 score (7.5, NETWORK/LOW complexity, no authentication). Connected documents confirm the same v...