Описание
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php.
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-4147
- https://exchange.xforce.ibmcloud.com/vulnerabilities/62559
- http://holisticinfosec.org/content/view/159/45
- http://secunia.com/advisories/41764
- http://www.avactis.com/forums/index.php?showtopic=5317
- http://www.osvdb.org/68646
- http://www.osvdb.org/68647
- http://www.securityfocus.com/bid/44104
Связанные уязвимости
nvd
больше 15 лет назад
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php.