S-Quadra Advisory #2004-03-31 - CactuShop shopping cart versions 5.x suffer from a SQL injection attack that allows for remote code execution via the MS SQL xp_cmdshell function. They also have a cross site scripting vulnerability.
d6c5fc742f5d4a4adf31b6ea32e79a6ba6bdfbf8a51f4d9d2fa1268682a60811S-Quadra Advisory #2004-03-12 - The Dogpatch Software CFWebstore 5.0 shopping cart is vulnerable to both SQL injection and cross site scripting attacks in the index.cfm script.
1c7ff362dc7ffadb306a13d097aaf4be167f49df0e94f977e162345e13c85b23S-Quadra Advisory #2004-03-03 - Spider Sales shopping cart suffers from incorrect use of cryptography and SQL injection attacks.
a0cda1fa27a49663003e77c116f1091e641af6fe9647acb9f89889f7983dc432S-Quadra Advisory #2004-02-18 - WebCortex Webstores2000 version 6.0 has a SQL injection vulnerability that allows a remote attacker to add an administrative account and it also has a cross site scripting flaw.
413be3fc56f6d324062e5d7d79c97bdd9b708064513a7e39c078ee57bbf3f793S-Quadra Advisory #2004-02-16 - EarlyImpact ProductCart shopping cart software incorrectly makes use of cryptography, is susceptible to a cross site scripting attack, and allows for SQL injection attacks as well.
3330d8b93aad8afb29f6c2680fb973686c8aec2837cc6efd89d60eb6b3d896caS-Quadra Advisory #2004-02-06 - A backdoor exists in CactuSoft CactuShop 5.0 Lite shopping cart software that allows a remote attacker to delete any file on the target system.
264371449a786722a768f921a478dfb456e426a3e7b10e8ae5eea3fc8f03d804S-Quadra Advisory #2004-01-23 - QuadComm Q-Shop ASP Shopping Cart Software has multiple SQL injection and cross site scripting vulnerabilities.
f1b225be449f443f70ea6b3605dee7d993e92086915c6e0a6b3e035f1ba4755d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed