Описание
** DISPUTED ** SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error.
** DISPUTED ** SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-6207
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30540
- http://securityreason.com/securityalert/1933
- http://www.securityfocus.com/archive/1/452706/100/0/threaded
- http://www.securityfocus.com/archive/1/453549/100/0/threaded
- http://www.securityfocus.com/bid/21323
EPSS
CVE ID
Связанные уязвимости
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote attackers to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error
EPSS