source: https://www.securityfocus.com/bid/15634/info
GhostScripter Amazon Shop is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
GhostScripter Amazon Shop 5.0.0 and prior versions are vulnerable; other versions may also be affected.
http://www.example.com/search.php?query=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&mode=all&imageField.x=21&imageField.y=4