CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-0907

Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://securitytracker.com/id?1013565
http://www.securityfocus.com/archive/1/394406/2005-03-26/2005-04-01/2
http://securitytracker.com/id?1013565
http://www.securityfocus.com/archive/1/394406/2005-03-26/2005-04-01/2

Products affected by CVE-2005-0907

Valdersoft » Shopping Cart » Version: 3.0

cpe:2.3:a:valdersoft:shopping_cart:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0907

Products

Pricing

Contact Us