Vulnerability Details CVE-2005-4429
SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://attrition.org/pipermail/vim/2006-January/000450.html
- http://pridels0.blogspot.com/2005/11/cs-cart-sql-inj-vuln.html
- http://www.osvdb.org/21370
- http://www.securityfocus.com/bid/16134
- http://attrition.org/pipermail/vim/2006-January/000450.html
- http://pridels0.blogspot.com/2005/11/cs-cart-sql-inj-vuln.html
- http://www.osvdb.org/21370
- http://www.securityfocus.com/bid/16134