2 matches found
[BONSAI] SQL Injection in CS-Cart
Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in CS-Cart 1. Advisory Information Title: SQL Injection in CS-Cart Advisory ID: BONSAI-2009-0100 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/cs-cartSQL-injection-0100.txt Date published:...
CVE-2009-2579
CS-Cart CVE-2009-2579 is a SQL injection in the reward_points.post.php script (reward_points addon) exploitable via the sort_order parameter in the reward_points.userlog flow. The advisory (Bonsai-2009-0100) indicates vulnerable versions