2 matches found
CVE-2005-3735
CVE-2005-3735 involves multiple SQL injection vulnerabilities in the e-Quick Cart system. The affected components/parameters are: (1) productid in shopaddtocart.asp, (2) strpemail in shopprojectlogin.asp, and (3) id in shoptellafriend.asp. The underlying issue is unsafely constructed SQL queries ...
CVE-2005-3736
CVE-2005-3736 refers to multiple XSS vulnerabilities in the e-Quick Cart application. The disclosed vectors involve user-supplied input parameters: strgifttoname in shopgift.asp, strfirstname in shopmaillist.asp, strpid in shopprojectlogin.asp, and Custname in shoptellafriend.asp. These allow rem...