header-logo
Suggest Exploit
vendor:
ProductCart
by:
Unknown
7.5
CVSS
HIGH
SQL Injection, Cross-Site Scripting, Cryptographic Weaknesses
Unknown
CWE
Product Name: ProductCart
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:earlyimpact:productcart
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Multiple Vulnerabilities in EarlyImpact ProductCart

The vulnerabilities in EarlyImpact ProductCart allow for SQL injection, cross-site scripting, and cryptographic weaknesses. These issues could lead to the exposure of sensitive data, execution of hostile script code, and HTML. The exploitation of these vulnerabilities could result in a full compromise of the software.

Mitigation:

It is recommended to apply the latest patches and updates provided by the vendor to mitigate these vulnerabilities. Additionally, input validation should be implemented to prevent SQL injection and cross-site scripting attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9669/info
  
EarlyImpact ProductCart is reportedly prone to multiple vulnerabilities. The specific issues include SQL injection, cross-site scripting and cryptographic weaknesses. These issues could expose sensitive data such as user credentials and allow for execution of hostile script code and HTML. These issues could allow for full compromise of the software.

http://www.example.com/productcart/pc/Custva.asp?redirectUrl="><script>alert(document.cookie)</script><"

Navigation

Suggest Exploit

Services By CQR