Описание
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4614
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23357
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23358
- http://pridels0.blogspot.com/2005/11/digishop-3x-sql-injection-vuln.html
- http://www.osvdb.org/21302
- http://www.osvdb.org/21303
- http://www.vupen.com/english/advisories/2005/2563
EPSS
Процентиль: 76%
0.00963
Низкий
CVE ID
Связанные уязвимости
nvd
около 20 лет назад
Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters.
EPSS
Процентиль: 76%
0.00963
Низкий