2 matches found
Sql injection
SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320...
CVE-2008-6320
CVE-2008-6320 : A SQL injection in CF Shopkart 5.2.2 (index.cfm) allows remote attackers to inject arbitrary SQL via the Category parameter in the ViewCategory action. The vulnerability is confirmed in the NVD entry for CF Shopkart 5.2.2 with a base score of 7.5 (HIGH) and network attack vector w...