CVE-2006-1098 Information

Feb 14, 2021 cve

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the researcher’s blog but research by CVE suggests that this might be a legitimate problem.

Reference

http://pridels0.blogspot.com/2006/03/nz-ecommerce-sqlxss-vuln.html http://secunia.com/advisories/19088 http://www.osvdb.org/23601 http://www.securityfocus.com/bid/16931 http://www.vupen.com/english/advisories/2006/0803

Share on: