Vulnerabilities > CVE-2005-1588 - Unspecified vulnerability in Open Solution Quick.Cart 0.3

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

open-solution

NVD

Published: 2005-05-11

Updated: 2024-04-11

Summary

SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iCategory parameter. NOTE: the vendor has privately disputed this issue, saying that Quick.cart does not even use SQL and therefore can not be vulnerable to SQL injection

Vulnerable Configurations

Part	Description	Count
Application	Open_Solution Open Solution Quick.Cart 0.3	1

References

http://lostmon.blogspot.com/2005/05/quickcart-sword-variable-xss-and.html
http://www.osvdb.org/16331