Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3735

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3735
Last Modified 07 Mar 2011 09:27:03
Published 21 Nov 2005 07:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3735

Summary

Multiple SQL injection vulnerabilities in e-Quick Cart allow remote attackers to execute arbitrary SQL commands via the (1) productid parameter in shopaddtocart.asp, (2) strpemail parameter in shopprojectlogin.asp, and (3) id parameter in shoptellafriend.asp.

Vulnerable Systems

Application

  • Coastal Data Management E-quick Cart


References

VUPEN - ADV-2005-2506

BID - 15510

SECTRACK - 1015244

SECUNIA - 17652

OSVDB - 20999

OSVDB - 20998

OSVDB - 20997


Last Updated: 27 May 2016 10:41:02