3 matches found
EUVD-2006-4859
Malware in sbrugna...
ECardPro 2.0 Search.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20080/info ECardPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
CVE-2006-4872
SQL injection vulnerability in search.asp in Keyvan1 aka Keyvan Janghorbani ECardPro 2.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter...