Vulnerabilities > CVE-2005-0962 - Unspecified vulnerability in Lighthouse Development Squirrelcart 1.5.5

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
lighthouse-development
nessus
exploit available

Summary

SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action.

Vulnerable Configurations

Part Description Count
Application
Lighthouse_Development
1

Exploit-Db

descriptionLighthouse Development Squirrelcart 1.5.5 SQL Injection Vulnerability. CVE-2005-0962. Webapps exploit for php platform
idEDB-ID:25320
last seen2016-02-03
modified2005-03-29
published2005-03-29
reporterDiabolic Crab
sourcehttps://www.exploit-db.com/download/25320/
titleLighthouse Development Squirrelcart 1.5.5 - SQL Injection Vulnerability

Nessus

NASL familyCGI abuses
NASL idSQUIRRELCART_SQL.NASL
descriptionThe remote host is running SquirrelCart, a shopping cart program written in PHP. There is a flaw in the remote software that may allow anyone to inject arbitrary SQL commands, which may in turn be used to gain administrative access on the remote host. SquirrelCart 1.5.5 and prior versions are affected by this flaw.
last seen2020-06-01
modified2020-06-02
plugin id17652
published2005-03-30
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/17652
titleSquirrelcart index.php Multiple Parameter SQL Injection