CVE-2005-1293 Information

Description

Multiple SQL injection vulnerabilities in default.asp in StorePortal 2.63 allow remote attackers to execute arbitrary SQL commands via the (1) language (2) bpic (3) idcategory (4) content (5) keyword or (6) idproduct parameter.

Reference

http://digitalparadox.org/advisories/storeportal.txt http://marc.info/?l=bugtraq&m=111445131808328&w=2 http://secunia.com/advisories/15071