Vulnerabilities > CVE-2004-2108 - Unspecified vulnerability in Quadcomm Q-Shop

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

quadcomm

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp.

Vulnerable Configurations

Part	Description	Count
Application	Quadcomm Quadcomm Q Shop 2.1 Quadcomm Q Shop 2.0 Quadcomm Q Shop 2.5 Quadcomm Q Shop 2.5_Beta	4

References

http://marc.info/?l=bugtraq&m=107488132208229&w=2
http://marc.info/?l=bugtraq&m=107488132208229&w=2
http://secunia.com/advisories/10704
http://secunia.com/advisories/10704
http://securitytracker.com/alerts/2004/Jan/1008837.html
http://securitytracker.com/alerts/2004/Jan/1008837.html
http://www.osvdb.org/3698
http://www.osvdb.org/3698
http://www.osvdb.org/3699
http://www.osvdb.org/3699
http://www.osvdb.org/3700
http://www.osvdb.org/3700
http://www.osvdb.org/3701
http://www.osvdb.org/3701
http://www.osvdb.org/3702
http://www.osvdb.org/3702
http://www.osvdb.org/3703
http://www.osvdb.org/3703
http://www.osvdb.org/3704
http://www.osvdb.org/3704
http://www.osvdb.org/3705
http://www.osvdb.org/3705
http://www.osvdb.org/3706
http://www.osvdb.org/3706
http://www.securityfocus.com/bid/9481
http://www.securityfocus.com/bid/9481
http://www.s-quadra.com/advisories/Adv-20040123.txt
http://www.s-quadra.com/advisories/Adv-20040123.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/14922
https://exchange.xforce.ibmcloud.com/vulnerabilities/14922