44 matches found
EUVD-2005-1625
Malware in sbrugna...
EUVD-2005-1366
Malware in sbrugna...
EUVD-2005-1364
Malware in sbrugna...
EUVD-2005-1365
Malware in sbrugna...
EUVD-2008-6021
Malware in sbrugna...
MetaCart E-Shop V-8 IntProdID Parameter Remote SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13376/info An SQL injection vulnerability affects MetaCart e-Shop V-8. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may explo...
MetaCart E-Shop ProductsByCategory.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13639/info MetaCart e-Shop is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
MetaCart E-Shop V-8 StrCatalog_NAME Parameter Remote SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13377/info An SQL injection vulnerability affects MetaCart e-Shop V-8. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may explo...
MetaCart Free eCommerce Shopping Cart Database Disclosure
======================================================================================== | Title : Asp - MetaCart Free eCommerce Shopping Cart Backup Dump Vulnerability | Author : indoushka | Home : www.iqs3cur1ty.com | Dork : Powered by MetaCart | Bug : Backup ====================== Exploit By...
CVE-2008-6051
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request...
Improper access control
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request...
CVE-2008-6051
MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request...
CVE-2008-6051
CVE-2008-6051 affects MetaCart Free. The vulnerability arises because the application stores the file metacart.mdb under the web root with insufficient access control, enabling an unauthenticated remote attacker to obtain usernames and passwords via a direct request. The connected documents corro...
metacart-sql.txt
Aria-Security Team, http://Aria-Security.net ------------------------------- Shout Outs: AurA, imm02tal Vendor: http://metalinks.com/ http://site.ltd/metacartpath/productsByCategory.asp?intCatalogID='SQL INJECTION Regards, The-0utl4w Credits Goes To Aria-Security.Net...
Aria-Security.Net: MetaCart SQL Injection
Aria-Security Team, http://Aria-Security.net ------------------------------- Shout Outs: AurA, imm02tal Vendor: http://metalinks.com/ http://site.ltd/metacartpath/productsByCategory.asp?intCatalogID='SQL INJECTION Regards, The-0utl4w Credits Goes To Aria-Security.Net...
metacarteshop.txt
vendor site:http://metalinks.com/ product:MetaCart e-Shop bug:injection sql risk:medium injection sql get : http://site.com/metacart/productsByCategory.asp?intCatalogID='sql http://site.com/metacart/product.asp?intProdID='sql injection sqlpost : 1 http://site.com/metacart/searchAction.asp variabl...
MetaCart e-Shop [multiples injection sql (get & post)]
vendor site:http://metalinks.com/ product:MetaCart e-Shop bug:injection sql risk:medium injection sql get : http://site.com/metacart/productsByCategory.asp?intCatalogID='sql http://site.com/metacart/product.asp?intProdID='sql injection sqlpost : 1 http://site.com/metacart/searchAction.asp variabl...
MetaCart E-Shop ProductsByCategory.ASP SQL and XSS Injection Vulnerabilities
The remote host is running the MetaCart e-Shop, an online store written in ASP. Due to a lack of user input validation, the remote version of this software is vulnerable to various SQL injection vulnerabilities and cross site scripting attacks. An attacker may exploit these flaws to execute...
MetaCart E-Shop ProductsByCategory.ASP SQL and XSS Injection Vulnerabilities
Due to a lack of user input validation, the remote version of MetaCart e-Shop is vulnerable to various SQL injection vulnerabilities and cross site scripting attacks. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are...
Echo Security Advisory 2005.13
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV13$2005 --------------------------------------------------------------------------- Multiple Vulnerabilities in MetaCart e-Shop ---------------------------------------------------------------------------...