2 matches found
CVE-2006-1024
CVE-2006-1024 affects Addsoft StoreBot 2005 Professional via SQL injection in MgrLogin.asp, exploitable through the Pwd parameter to execute arbitrary SQL commands remotely. The description notes third-party provenance; no explicit exploit details or patch/remediation are provided in the document...
CVE-2006-1025
The provided sources describe CVE-2006-1025 as a cross-site scripting (XSS) vulnerability in Addsoft StoreBot 2002 Standard, affecting the manage.asp page. The issue is exploitable by remote attackers who can inject arbitrary script/HTML via the ShipMethod parameter. Affected software/component: ...