quickCart.txt

Quick.cart 'sWord' variable XSS and 'iCategory' SQL injection vendor url:http://qc.dotgeek.org/os/index.php?p=productsQuickCart advisore:http://lostmon.blogspot.com/2005/05/quickcart-sword-variable-xss-and.html vendor notify: yes exploit available: yes Quick.cart contais a flaw which can be...

CVE-2005-1588

Summary: CVE-2005-1588 concerns a potential SQL injection in Quick.cart 0.3.0’s index.php, exploitable via the iCategory parameter. Affected software: Quick.cart, version 0.3.0. Root cause and vulnerability: described as SQL injection in index.php; vendor has privately disputed the issue, asserti...

CVE-2005-1588

SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iCategory parameter. NOTE: the vendor has privately disputed this issue, saying that Quick.cart does not even use SQL and therefore can not be vulnerable to SQL injectio...

PT-2005-2567 · Quick.Cart · Quick.Cart

Name of the Vulnerable Software and Affected Versions: Quick.cart version 0.3.0 Description: The issue concerns a potential SQL injection vulnerability in the index.php file of Quick.cart, allegedly allowing remote attackers to execute arbitrary SQL commands via the iCategory parameter. However,...