CVE-2005-2477 Information
Feb 14, 2021
cve
Description
shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a '\ (single quote) which reveals the path in an error message possibly due to an SQL injection vulnerability.
Reference
http://marc.info/?l=bugtraq&m=112301600608192&w=2 http://secunia.com/advisories/16262 http://securitytracker.com/id?1014613 http://www.securityfocus.com/bid/14456 https://exchange.xforce.ibmcloud.com/vulnerabilities/21677
Share on: