Vulnerabilities > CVE-2006-5962 - Unspecified vulnerability in Hpecs Shopping Cart Hpecs Shopping Cart
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN hpecs-shopping-cart
exploit available
Summary
Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields in the (a) login screen, and (3) searchstring parameter in (b) insearch_list.asp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| id | EDB-ID:2782 |
References
- http://secunia.com/advisories/22904
- http://secunia.com/advisories/22904
- http://securityreason.com/securityalert/1879
- http://securityreason.com/securityalert/1879
- http://www.securityfocus.com/archive/1/451595/100/0/threaded
- http://www.securityfocus.com/archive/1/451595/100/0/threaded
- http://www.vupen.com/english/advisories/2006/4535
- http://www.vupen.com/english/advisories/2006/4535
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30287
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30287
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30288
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30288
- https://www.exploit-db.com/exploits/2782
- https://www.exploit-db.com/exploits/2782