header-logo
Suggest Exploit
vendor:
AFFCommerce Shopping Cart
by:
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: AFFCommerce Shopping Cart
Affected Version From: 1.1.2004
Affected Version To: 1.1.2004
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

AFFCommerce Shopping Cart SQL Injection Vulnerabilities

AFFCommerce Shopping Cart is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

Mitigation:

To mitigate these vulnerabilities, it is recommended to apply the latest patches and updates provided by the vendor. Additionally, input validation and parameterized queries should be implemented to prevent SQL injection attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15545/info

AFFCommerce Shopping Cart is prone to multiple SQL injection vulnerabilities.

These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.

AFFCommerce Shopping Cart 1.1.4 is reportedly affected. It is possible that other versions are vulnerable as well. 

http://www.example.com/standalone/SubCategory.php?cl=[sql]