18 matches found
EUVD-2003-0503
Malware in sbrugna...
CyberStrong EShop 4.2 20review.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14101/info CyberStrong eShop is prone to an SQL-injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by...
CyberStrong eShop 4.2 10expand.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14103/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by...
CyberStrong EShop 4.2 10browse.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14112/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by...
Cyberstrong eShop SQL Injection Vulnerabilities
The remote host is running Cyberstrong eShop, a shopping cart written in ASP. The remote version of this software contains several input validation flaws leading to SQL injection vulnerabilities. An attacker may exploit these flaws to affect database queries, possibly resulting in disclosure of...
Cyberstrong eShop SQL Injection Vulnerabilities
The remote host is running Cyberstrong eShop, a shopping cart written in ASP. The remote version of this software contains several input validation flaws leading to SQL injection vulnerabilities. An attacker may exploit these flaws to affect database queries, possibly resulting in disclosure of...
Cyberstrong eShop Multiple Script ProductCode Parameter SQL Injection
The remote host is running Cyberstrong eShop, a shopping cart written in ASP. The remote version of this software contains several input validation flaws leading to SQL injection vulnerabilities. An attacker may exploit these flaws to affect database queries, possibly resulting in disclosure of...
CyberStrong EShop 4.2 - 10browse.asp SQL Injection
CyberStrong EShop 4.2 - 10browse.asp SQL Injection source: https://www.securityfocus.com/bid/14112/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may...
CyberStrong eShop 4.2 - 10expand.asp SQL Injection
CyberStrong eShop 4.2 - 10expand.asp SQL Injection source: https://www.securityfocus.com/bid/14103/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may...
CyberStrong EShop 4.2 - 20review.asp SQL Injection
CyberStrong EShop 4.2 - 20review.asp SQL Injection source: https://www.securityfocus.com/bid/14101/info CyberStrong eShop is prone to an SQL-injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may...
CyberStrong EShop 4.2 - '20review.asp' SQL Injection
source: https://www.securityfocus.com/bid/14101/info CyberStrong eShop is prone to an SQL-injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by passing malicious SQL syntax to the...
CyberStrong EShop 4.2 - '10browse.asp' SQL Injection
source: https://www.securityfocus.com/bid/14112/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by passing malicious SQL syntax to the...
CyberStrong eShop 4.2 - '10expand.asp' SQL Injection
source: https://www.securityfocus.com/bid/14103/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by passing malicious SQL syntax to the...
[SA12842] CyberStrong eShop ASP Shopping Card Unspecified Cross-Site Scripting
TITLE: CyberStrong eShop ASP Shopping Card Unspecified Cross-Site Scripting SECUNIA ADVISORY ID: SA12842 VERIFY ADVISORY: http://secunia.com/advisories/12842/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: CyberStrong eShop 4.x http://secunia.com/product/1805/...
CVE-2003-0509
SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in 1 10expand.asp, 2 10browse.asp, and 3 20review.asp...
CVE-2003-0509
The connected sources confirm a SQL injection vulnerability in Cyberstrong eShop (ASP) affecting version 4.2 and earlier, caused by input validation flaws in the ProductCode parameter used by scripts 10expand.asp, 10browse.asp, and 20review.asp. The OpenVAS/Nessus entries describe remote exploita...
CVE-2003-0509
SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in 1 10expand.asp, 2 10browse.asp, and 3 20review.asp...
CyberStrong Shopping Cart - Advisory & Exploit Code
Advisory Name: Cyberstrong eShop SQL Injection Vulnerability Release Date: 05/07/2003 Application: CyberStrong eShop v4.2 Platform: Win32/MSSQL Severity: High BUG Type: SQL Injection Discover by: AresU [email protected] Author: Bosen [email protected] Vendor Status: See below. Vendor URL:...