CVE-2005-1363 Information

Description

Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID (2) strSubCatalogID or (3) strSubCatalog_NAME parameter to productsByCategory.asp (4) curCatalogID (5) strSubCatalog_NAME (6) intCatalogID or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp.

Reference

http://marc.info/?l=bugtraq&m=111454142832023&w=2