header-logo
Suggest Exploit
vendor:
CodeThatShoppingCart
by:
SecurityFocus
7.5
CVSS
HIGH
Cross-site scripting and SQL injection
79, 89
CWE
Product Name: CodeThatShoppingCart
Affected Version From: 1.3.2001
Affected Version To: 1.3.2001
Patch Exists: YES
Related CWE: N/A
CPE: a:codethat:codethatshoppingcart
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

CodeThatShoppingCart Multiple Input Validation Vulnerabilities

CodeThatShoppingCart is reportedly affected by multiple input validation vulnerabilities. These issues may allow remote attackers to carry out cross-site scripting and SQL injection attacks. An attacker may also potentially disclose sensitive data.

Mitigation:

Input validation should be performed to ensure that user-supplied data is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13560/info
 
CodeThatShoppingCart is reportedly affected by multiple input validation vulnerabilities. These issues may allow remote attackers to carry out cross-site scripting and SQL injection attacks. An attacker may also potentially disclose sensitive data.
 
CodeThatShoppingCart 1.3.1 was reported to be vulnerable. Other versions may be affected as well. 

http://www.example.com/shoppingcart/catalog.php?action=category_show
&id=1%20or%20like%20%60a%%60

http://www.example.com/shoppingcart/demo/catalog.php?action=
category_show&id=1%20or%201=1

Navigation

Suggest Exploit

Services By CQR