source: http://www.securityfocus.com/bid/11337/info

It is reported that CubeCart is susceptible to an SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI data prior to including it in an SQL query.

An attacker may exploit this issue to manipulate SQL queries, potentially revealing or corrupting sensitive database data. This issue may also facilitate attacks against the underlying database software.

This vulnerability is reported to exist in version 2.0.1 of CubeCart. Other versions may also be affected.

http://www.example.com/store/index.php?cat_id=1 or 1=1
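
The flaw class described above, shown next to a corrected form. This is an added example, not CubeCart's code: the `products` table, its columns, the sample rows and all function names are assumptions, and SQLite stands in for the store's database.

```python
import sqlite3


def make_db():
    # Constructed sample data; the schema is an assumption, not CubeCart's.
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE products (id INTEGER PRIMARY KEY, cat_id INTEGER, name TEXT)"
    )
    db.executemany(
        "INSERT INTO products (cat_id, name) VALUES (?, ?)",
        [(1, "mug"), (1, "poster"), (2, "t-shirt"), (3, "unlisted item")],
    )
    return db


def products_vulnerable(db, cat_id):
    # The reported failure: the raw URI value is concatenated into the SQL
    # text. In a numeric context no quote is needed, so "1 or 1=1" is parsed
    # as part of the WHERE clause and the category filter stops applying.
    query = "SELECT name FROM products WHERE cat_id = " + cat_id
    return [row[0] for row in db.execute(query)]


def parse_cat_id(raw):
    # Allow-list validation: ASCII decimal digits only, bounded length.
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        raise ValueError("cat_id must be a non-negative integer")
    return int(raw)


def products_hardened(db, cat_id):
    # Validate first, then bind the value as a parameter so the database
    # never interprets it as SQL syntax.
    query = "SELECT name FROM products WHERE cat_id = ?"
    return [row[0] for row in db.execute(query, (parse_cat_id(cat_id),))]


if __name__ == "__main__":
    db = make_db()
    for raw in ("1", "1 or 1=1"):
        print(repr(raw), "concatenated ->", products_vulnerable(db, raw))
        try:
            print(repr(raw), "bound        ->", products_hardened(db, raw))
        except ValueError as exc:
            print(repr(raw), "bound        -> rejected:", exc)
```

With the concatenated query, the second input returns rows from every category; the validated, parameterized query rejects it before any SQL is executed.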