Vulnerability Details CVE-2007-3323
SQL injection vulnerability in comersus_optReviewReadExec.asp in Comersus Shop Cart 7.07 allows remote attackers to execute arbitrary SQL commands via the idProduct parameter. NOTE: this might be the same as CVE-2005-2190.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/36152
- http://securityreason.com/securityalert/2819
- http://www.securityfocus.com/archive/1/471837/100/0/threaded
- http://www.securityfocus.com/bid/24562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34953
- http://osvdb.org/36152
- http://securityreason.com/securityalert/2819
- http://www.securityfocus.com/archive/1/471837/100/0/threaded
- http://www.securityfocus.com/bid/24562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34953
Products affected by CVE-2007-3323
-
cpe:2.3:a:comersus_open_technologies:comersus_cart:7.07