Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5261

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2007-5261
Last Modified 05 Sep 2008 05:30:17
Published 06 Oct 2007 01:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5261

Summary

Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.

Vulnerable Systems

Application

  • Iscripts Multicart 1.0


References

MILW0RM - 4480

XF - multicart-search-category-sql-injection(36927)

BID - 25895


Last Updated: 27 May 2016 10:46:08