Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2917

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2917
Last Modified 14 Apr 2009 01:32:57
Published 30 Jun 2008 02:24:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2917

Summary

SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

Vulnerable Systems

Application

  • Preprojects E-smart Cart


References

XF - esmartcart-productsofcat-sql-injection(43088)

MISC - http://www.spanish-hackers.com/vuln/joss-40.txt

SECTRACK - 1020296

BID - 29712

BUGTRAQ - 20080615 E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability

MILW0RM - 5805

SREASON - 3964

SECUNIA - 30687


Last Updated: 27 May 2016 10:48:02