header-logo
Suggest Exploit
vendor:
Squirrelcart
by:
SecurityFocus
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Squirrelcart
Affected Version From: 1.5.2005
Affected Version To: 1.5.2005
Patch Exists: YES
Related CWE: N/A
CPE: a:squirrelcart:squirrelcart
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Squirrelcart SQL Injection Vulnerability

Squirrelcart is affected by an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

Mitigation:

Input validation should be used to prevent malicious input from being passed to database queries.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12944/info

Squirrelcart is affected by an SQL injection vulnerability.

This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

Squirrelcart 1.5.5 and prior versions are vulnerable to this issue. 

http://www.example.com/index.php?crn='SQL_INJECTION&action=show&show_products_mode=cat_click&PHPSESSID=2069dbe1646bdc46e4e78718e76e6d15

Navigation

Suggest Exploit

Services By CQR