4 matches found
EUVD-2006-5919
Malware in sbrugna...
SiteXpress E-Commerce System Dept.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21059/info SiteXpress E-Commerce System is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow a...
CVE-2006-5936
CVE-2006-5936 describes an SQL injection in dept.asp of the SiteXpress E-Commerce System, exploitable via the id parameter to allow remote execution of arbitrary SQL commands. Affected component: dept.asp in SiteXpress E-Commerce System. Root cause: improper handling of the id parameter leading t...
SiteXpress E-Commerce System - 'Dept.asp' SQL Injection
source: https://www.securityfocus.com/bid/21059/info SiteXpress E-Commerce System is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...