Vulnerability Details CVE-2005-1361
Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=111453994718211&w=2
- http://www.securityfocus.com/bid/13376
- http://www.securityfocus.com/bid/13377
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20283
- http://marc.info/?l=bugtraq&m=111453994718211&w=2
- http://www.securityfocus.com/bid/13376
- http://www.securityfocus.com/bid/13377
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20283
Products affected by CVE-2005-1361
-
cpe:2.3:a:metalinks:metacart_e-shop:8.0