Vulnerabilities > CVE-2006-3794 - Unspecified vulnerability in Amazing Flash Commerce Afcommerce Shopping Cart
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the search field. NOTE: the vendor has disputed this issue, stating "if someone were to type in any sql injection code, that code would never be queried.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://www.securityfocus.com/bid/19074
- http://securitytracker.com/id?1016538
- http://www.osvdb.org/28618
- http://securityreason.com/securityalert/1255
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27846
- http://www.securityfocus.com/archive/1/440848/100/100/threaded
- http://www.securityfocus.com/archive/1/440589/100/0/threaded