2 matches found
CVE-2008-2918
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote attackers to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3...
CVE-2008-2918
The CVE-2008-2918 entry concerns an SQL injection in Application Dynamics Cartweaver 3.0 via the prodId parameter in details.php, allowing remote attackers to execute arbitrary SQL. Root cause appears to be unsanitized user input in the prodId parameter, leading to potential data compromise. Conn...