6 matches found
CVE-2003-0523
Cross-site scripting XSS vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter...
ProductCart 1.5/1.6/2.0 - 'MSG.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/8108/info A cross-site scripting vulnerability has been reported for ProductCart. The vulnerability exists due to insufficient sanitization of some user-supplied values. Exploitation could permit an attacker to steal cookie-based authentication credential...
ProductCart 1.5/1.6/2.0 - File Disclosure
source: https://www.securityfocus.com/bid/8112/info A vulnerability has been reported for ProductCart that may result in an attacker obtaining the contents of the database file. http://victimhost/productcart/database/EIPC.mdb...
ProductCart 1.51.62.0 - File Disclosure
ProductCart 1.51.62.0 - File Disclosure source: https://www.securityfocus.com/bid/8112/info A vulnerability has been reported for ProductCart that may result in an attacker obtaining the contents of the database file. http://victimhost/productcart/database/EIPC.mdb...
ProductCart 1.51.62.0 - MSG.asp Cross-Site Scripting
ProductCart 1.51.62.0 - MSG.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/8108/info A cross-site scripting vulnerability has been reported for ProductCart. The vulnerability exists due to insufficient sanitization of some user-supplied values. Exploitation could permit an...
ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection
source: https://www.securityfocus.com/bid/8105/info ProductCart has been reported prone to an SQL injection vulnerability that may be exploited to bypass the ProductCart authentication system and access the ProductCart administration panel; other attacks may also be possible...