7 matches found
EUVD-2005-1489
Malware in sbrugna...
CVE-2005-1487
FishCart 3.1 contains multiple SQL injection vulnerabilities exploitable through the cartid parameter to upstnt.php or the psku parameter to display.php. The issue is documented across CVE-2005-1487 entries, with vendor disputes over the report (vendor claims forced SQL errors) and notes that the...
CVE-2005-1486
Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 trackingnum, 2 reqagree, or 3 m parameter to upstracking.php or 4 nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported...
CVE-2005-1486
Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 trackingnum, 2 reqagree, or 3 m parameter to upstracking.php or 4 nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported...
CVE-2005-1487
Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 cartid parameter to upstnt.php or 2 psku parameter to display.php. NOTE: the vendor disputes this report, saying that they are forced SQL errors. The original researcher is...
CVE-2005-1486
FishCart 3.1 is affected by multiple vulnerabilities. The primary CVE (CVE-2005-1486) describes cross-site scripting via the following parameters: trackingnum, reqagree, or m in upstracking.php, and nlst in display.php. OpenVAS data also indicates SQL injection vulnerabilities in FishCart that co...
FishCart 3.1 - upstnt.php?cartid SQL Injection
FishCart 3.1 - upstnt.php?cartid SQL Injection source: https://www.securityfocus.com/bid/13499/info FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injectio...