2 matches found
CVE-2010-4632
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the 1 article parameter to kb.asp, 2 specific parameter to cart.asp, 3 countrycode parameter to contact.asp, and the 4 srch parameter to search.asp. NOTE: the article...
CVE-2010-4632
ASPilot Pilot Cart 7.3 is affected by SQL injection vulnerabilities (CVE-2010-4632) in multiple input vectors. The description specifies four vulnerable parameters: article (to kb.asp), a parameter to cart.asp, countrycode (to contact.asp), and srch (to search.asp). The root cause is improper san...