CVE-2011-3852

Cross-site scripting XSS vulnerability in the EvoLve theme before 1.2.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

CVE-2011-3852

The CVE-2011-3852 entry concerns the EvoLve WordPress theme (pre-1.2.6). The vulnerability is a cross-site scripting (XSS) flaw in the theme’s handling of the s parameter, allowing remote attackers to inject arbitrary script or HTML into victims’ browsers. The root cause is inadequate input clean...

PT-2011-4728 · Unknown · Evolve Theme

Name of the Vulnerable Software and Affected Versions: EvoLve theme versions prior to 1.2.6 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the s parameter. This can be exploited by sending malicious input to the vulnerable endpoint...

Evolve < 1.2.6 - XSS

The evolve WordPress theme was affected by a XSS security vulnerability...

CVE-2006-6207

SQL injection vulnerability in products.asp in Evolve shopping cart aka Evolve Merchant allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error...

CVE-2006-6207

SQL injection vulnerability in products.asp in Evolve shopping cart aka Evolve Merchant allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error...

CVE-2006-6207

The CVE-2006-6207 issue affects the Evolve shopping cart (aka Evolve Merchant) where the products.asp page processes the partno parameter. The root cause is a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands on the backend database. Reported impact is cap...

PT-2006-6837 · Evolve · Evolve Shopping Cart

Name of the Vulnerable Software and Affected Versions: Evolve shopping cart affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the partno parameter in the "products.asp" page. This enables attackers to manipulate the database. The...

aria-evolve.txt

Aria-Security Team Advisory ----------------------------------------------------------- Software: Evolve shopping cart Method: SQL Injection PoC: http://target/path/products.asp?partno=SQL INJECTION Contact: [email protected]...

[Aria-Security Team] Evolve shopping cart SQL Injection Vulnerability

Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian ----------------------------------------------------------- Software: Evolve shopping cart Method: SQL Injection PoC: http://target/path/products.asp?partno=SQL INJECTION Contact:...

Evolve Shopping Cart - products.asp SQL Injection

Evolve Shopping Cart - products.asp SQL Injection source: https://www.securityfocus.com/bid/21323/info Evolve Shopping Cart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...

CVE-2006-5953

SQL injection vulnerability in viewcart.asp in Evolve shopping cart aka Evolve Merchant allows remote attackers to execute arbitrary SQL commands via the zoneid parameter...

PT-2006-6618 · Evolve · Evolve Shopping Cart

Name of the Vulnerable Software and Affected Versions: Evolve shopping cart affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the zoneid parameter in the "viewcart.asp" file. This enables attackers to manipulate the database by...

CVE-2006-5953

The CVE-2006-5953 issue is an SQL injection in Evolve shopping cart's viewcart.asp, exploitable through the zoneid parameter to execute arbitrary SQL commands. Documented in multiple sources (NVD, CVE lists, PT-2006-6618) confirms the vulnerability and its remote nature but provides no concrete d...

CVE-2006-5953

SQL injection vulnerability in viewcart.asp in Evolve shopping cart aka Evolve Merchant allows remote attackers to execute arbitrary SQL commands via the zoneid parameter...

Evolve Merchant[ injection sql ]

vendor site:http://www.lynxinternet.com/ product:Evolve Merchant bug:injection sql risk:medium injection sql get : http://site.com/viewcart.asp?zoneid='sql laurent gaffie & benjamin mosse http://s-a-p.ca/ contact: [email protected]...

evolveSQL.txt

vendor site:http://www.lynxinternet.com/ product:Evolve Merchant bug:injection sql risk:medium injection sql get : http://site.com/viewcart.asp?zoneid='sql laurent gaffié & benjamin mossé http://s-a-p.ca/ contact: [email protected]...

Evolve Merchant - viewcart.asp SQL Injection

Evolve Merchant - viewcart.asp SQL Injection source: https://www.securityfocus.com/bid/21070/info Evolve Merchant is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...

Evolve Merchant - &#039;viewcart.asp&#039; SQL Injection

source: https://www.securityfocus.com/bid/21070/info Evolve Merchant is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, acces...