Vulnerabilities > Midicart Software > Midicart ASP Plus Shopping Cart
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-01 | CVE-2006-6209 | SQL Injection vulnerability in Midicart Software products Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart and ASP Plus Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) id2006quant parameter to (a) item_show.asp, or the (2) maingroup or (3) secondgroup parameter to (b) item_list.asp. | 7.5 |