Vulnerabilities > CVE-2006-6034 - Unspecified vulnerability in Sitesoutlet E-Commerce Kit-1 Paypaledition

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sitesoutlet

NVD

Published: 2006-11-21

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote attackers to execute arbitrary SQL commands via the (1) keyword or (2) cid parameter in (a) catalogue.asp, or the (3) pid parameter in (b) viewDetail.asp.

Vulnerable Configurations

Part	Description	Count
Application	Sitesoutlet Sitesoutlet E Commerce KIT 1 Paypal_Edition	1

References

http://secunia.com/advisories/22975
http://secunia.com/advisories/22975
http://securityreason.com/securityalert/1900
http://securityreason.com/securityalert/1900
http://www.securityfocus.com/archive/1/451771/100/0/threaded
http://www.securityfocus.com/archive/1/451771/100/0/threaded
http://www.securityfocus.com/bid/21056
http://www.securityfocus.com/bid/21056
http://www.vupen.com/english/advisories/2006/4571
http://www.vupen.com/english/advisories/2006/4571