Vulnerabilities > CVE-2004-2173 - Multiple vulnerability in EarlyImpact ProductCart

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

early-impact

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter.

Vulnerable Configurations

Part	Description	Count
Application	Early_Impact Early Impact Productcart 1.5 Early Impact Productcart 1.6B Early Impact Productcart 1.6B001 Early Impact Productcart 1.6B002 Early Impact Productcart 1.6B003 Early Impact Productcart 1.6Br Early Impact Productcart 1.6Br001 Early Impact Productcart 1.6Br003 Early Impact Productcart 1.5002 Early Impact Productcart 1.5003 Early Impact Productcart 1.5003R Early Impact Productcart 1.5004 Early Impact Productcart 1.6002 Early Impact Productcart 1.6003 Early Impact Productcart 2.0 Early Impact Productcart 2.0Br000 Early Impact Productcart 2.5	17

Summary

Vulnerable Configurations

References