7 matches found
VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities
VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities http://www.vupen.com/english/research-web.php I. BACKGROUND --------------------- "WebAsyst Shop-Script FREE - simple and free PHP shopping cart script. It provides basic shopping cart functionality and...
CVE-2010-1463
Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the 1 add2cart, 2 cid, 3 categoryID, 4 listprice, 5 name, 6 newoffer, 7 price, 8 productcode, 9 productID, 10 rating, and 11 saveproduct parameters...
Sql injection
Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the 1 add2cart, 2 cid, 3 categoryID, 4 listprice, 5 name, 6 newoffer, 7 price, 8 productcode, 9 productID, 10 rating, and 11 saveproduct parameters...
Directory traversal
Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...
CVE-2010-1462
Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...
CVE-2010-1462
Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter...
CVE-2010-1462
CVE-2010-1462 affects WebAsyst Shop-Script FREE and is a directory traversal vulnerability exploitable through the sub parameter. The known impact is described as unknown in the CVE entry; the NVD entry lists a base score of 10.0 (HIGH) with network attack vector and complete impact on confidenti...