Vulnerabilities > CVE-2006-3794 - Unspecified vulnerability in Amazing Flash Commerce Afcommerce Shopping Cart

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

amazing-flash-commerce

NVD

Published: 2006-07-24

Updated: 2024-04-11

Summary

SQL injection vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the search field. NOTE: the vendor has disputed this issue, stating "if someone were to type in any sql injection code, that code would never be queried.

Vulnerable Configurations

Part	Description	Count
Application	Amazing_Flash_Commerce Amazing Flash Commerce Afcommerce Shopping Cart *	1

References

http://www.securityfocus.com/bid/19074
http://securitytracker.com/id?1016538
http://www.osvdb.org/28618
http://securityreason.com/securityalert/1255
https://exchange.xforce.ibmcloud.com/vulnerabilities/27846
http://www.securityfocus.com/archive/1/440848/100/100/threaded
http://www.securityfocus.com/archive/1/440589/100/0/threaded