Vulnerabilities > CVE-2005-2477 - SQL Injection vulnerability in Naxtor Shopping Cart 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |