Vulnerability Details CVE-2011-5198
SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers to execute arbitrary SQL commands via the SearchFor parameter. NOTE: some of these details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/78068
- http://packetstormsecurity.org/files/view/108231/neturf-xss.txt
- http://secunia.com/advisories/47354
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72037
- http://osvdb.org/78068
- http://packetstormsecurity.org/files/view/108231/neturf-xss.txt
- http://secunia.com/advisories/47354
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72037
Products affected by CVE-2011-5198
-
cpe:2.3:a:neturf:ecommerce_shopping_cart:-