Vulnerabilities > CVE-2005-0994 - Unspecified vulnerability in Early Impact Productcart 2.7
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it is possible that item (2) is the result of a typo or editing error from the original research report.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description ProductCart 1.x/2.x advSearch_h.asp Multiple Parameter SQL Injection. CVE-2005-0994. Webapps exploit for asp platform id EDB-ID:23703 last seen 2016-02-02 modified 2004-02-16 published 2004-02-16 reporter Nick Gudov source https://www.exploit-db.com/download/23703/ title ProductCart 1.x/2.x advSearch_h.asp Multiple Parameter SQL Injection description ProductCart 1.x/2.x Custva.asp redirectUrl Parameter XSS. CVE-2005-0994. Webapps exploit for asp platform id EDB-ID:23704 last seen 2016-02-02 modified 2004-02-16 published 2004-02-16 reporter Nick Gudov source https://www.exploit-db.com/download/23704/ title ProductCart 1.x/2.x Custva.asp redirectUrl Parameter XSS
Nessus
NASL family | CGI abuses |
NASL id | PRODUCTCART_MULTIPLE_INPUT_VULNS.NASL |
description | The remote host is running a version of the ProductCart shopping cart software that suffers from several input validation vulnerabilities: - SQL Injection Vulnerabilities The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 17971 |
published | 2005-04-06 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/17971 |
title | ProductCart Multiple Input Validation Vulnerabilities |
References
- http://digitalparadox.org/advisories/prodcart.txt
- http://digitalparadox.org/advisories/prodcart.txt
- http://secunia.com/advisories/14833
- http://secunia.com/advisories/14833
- http://www.osvdb.org/15263
- http://www.osvdb.org/15263
- http://www.osvdb.org/15265
- http://www.osvdb.org/15265
- http://www.securityfocus.com/bid/12990
- http://www.securityfocus.com/bid/12990