CVE Vulnerabilities

CVE-2003-0522

Published: Aug 18, 2003 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp.

Affected Software

Name Vendor Start Version End Version
Productcart Early_impact 1.5 1.5
Productcart Early_impact 1.6b 1.6b
Productcart Early_impact 1.6b001 1.6b001
Productcart Early_impact 1.6b002 1.6b002
Productcart Early_impact 1.6b003 1.6b003
Productcart Early_impact 1.6br 1.6br
Productcart Early_impact 1.6br001 1.6br001
Productcart Early_impact 1.6br003 1.6br003
Productcart Early_impact 1.5002 1.5002
Productcart Early_impact 1.5003 1.5003
Productcart Early_impact 1.5003r 1.5003r
Productcart Early_impact 1.5004 1.5004
Productcart Early_impact 1.6002 1.6002
Productcart Early_impact 1.6003 1.6003
Productcart Early_impact 2 2
Productcart Early_impact 2br000 2br000

References