Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 67.6%