Vulnerability Details CVE-2006-6073
Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter in productdetail.asp or the (2) categoryid parameter in products.asp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://aria-security.net/advisory/eShopping.txt
- http://marc.info/?l=bugtraq&m=116353137028066&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30262
- http://aria-security.net/advisory/eShopping.txt
- http://marc.info/?l=bugtraq&m=116353137028066&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30262
Products affected by CVE-2006-6073
-
cpe:2.3:a:enthrallweb:eshopping_cart:-