Vulnerabilities > CVE-2007-3323 - Input Validation vulnerability in Comersus Open Technologies Comersus Cart 7.07

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

comersus-open-technologies

exploit available

NVD

Published: 2007-06-21

Updated: 2018-10-16

Summary

SQL injection vulnerability in comersus_optReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2.

Vulnerable Configurations

Part	Description	Count
Application	Comersus_Open_Technologies Comersus Open Technologies Comersus Cart 7.07	1

Exploit-Db

description	Comersus Cart 7.0.7 comersus_optReviewReadExec.asp id Parameter SQL Injection. CVE-2007-3323. Webapps exploit for asp platform
id	EDB-ID:30203
last seen	2016-02-03
modified	2007-06-20
published	2007-06-20
reporter	Doz
source	https://www.exploit-db.com/download/30203/
title	Comersus Cart 7.0.7 comersus_optReviewReadExec.asp id Parameter SQL Injection

Summary

Vulnerable Configurations

Exploit-Db

References