2 matches found
CVE-2009-0462
CVE-2009-0462 describes multiple SQL injection vulnerabilities in ClickTech ClickCart 6.0. The issue affects the login flow, where user input in the txtEmail (E-MAIL) and txtPassword fields sent to customer_login.asp can be manipulated to alter SQL commands, enabling remote attackers to execute a...
CVE-2006-3029
This CVE (CVE-2006-3029) concerns a Cross-site scripting (XSS) vulnerability in ClickTech Clickcart 6.0 and earlier, exploitable via the cat parameter in default.asp. The affected app/function is default.asp of Clickcart; the underlying issue is input handling that allows injection of arbitrary s...