Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0509

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0509
Last Modified 05 Sep 2008 04:34:30
Published 07 Aug 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0509

Summary

SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp.

Vulnerable Systems

Application

  • Cyberstrong Eshop 4.2


References

BUGTRAQ - 20030701 CyberStrong Shopping Cart - Advisory & Exploit Code

XF - cyberstrongeshop-multiple-sql-injection(12485)

BID - 14112

BID - 14103

BID - 14101

OSVDB - 10100

OSVDB - 10099

OSVDB - 10098

SECTRACK - 1007092

SECUNIA - 9165


Last Updated: 27 May 2016 10:37:56