8 lines
No EOL
692 B
Text
8 lines
No EOL
692 B
Text
source: https://www.securityfocus.com/bid/13377/info
|
|
|
|
An SQL injection vulnerability affects MetaCart e-Shop V-8. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries.
|
|
|
|
An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption.
|
|
|
|
http://www.example.com/eshopv-8/productsByCategory.asp?intCatalogID=&%3bpage=2&%3bstrCatalog_NAME='SQL_INJECTION
|
|
http://www.example.com/mcart2pal/productsByCategory.asp?intCatalogID=&%3bpage=2&%3bstrCatalog_NAME='SQL_INJECTION |