CVE-2004-2108 Information
Description
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp (2) browse.asp (3) details.asp (4) showcat.asp (5) users.asp (6) addtomylist.asp (7) modline.asp (8) cart.asp or (9) newuser.asp.
Reference
http://marc.info/?l=bugtraq&m=107488132208229&w=2 http://secunia.com/advisories/10704 http://securitytracker.com/alerts/2004/Jan/1008837.html http://www.osvdb.org/3698 http://www.osvdb.org/3699 http://www.osvdb.org/3700 http://www.osvdb.org/3701 http://www.osvdb.org/3702 http://www.osvdb.org/3703 http://www.osvdb.org/3704 http://www.osvdb.org/3705 http://www.osvdb.org/3706 http://www.securityfocus.com/bid/9481 http://www.s-quadra.com/advisories/Adv-20040123.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/14922
Share on: