Vulnerability Details CVE-2006-6034
Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote attackers to execute arbitrary SQL commands via the (1) keyword or (2) cid parameter in (a) catalogue.asp, or the (3) pid parameter in (b) viewDetail.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/22975
- http://securityreason.com/securityalert/1900
- http://www.securityfocus.com/archive/1/451771/100/0/threaded
- http://www.securityfocus.com/bid/21056
- http://www.vupen.com/english/advisories/2006/4571
- http://secunia.com/advisories/22975
- http://securityreason.com/securityalert/1900
- http://www.securityfocus.com/archive/1/451771/100/0/threaded
- http://www.securityfocus.com/bid/21056
- http://www.vupen.com/english/advisories/2006/4571
Products affected by CVE-2006-6034
-
cpe:2.3:a:sitesoutlet:e-commerce_kit-1:paypal_edition