CVE-2006-6034 Information

Description

Multiple SQL injection vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition allow remote attackers to execute arbitrary SQL commands via the (1) keyword or (2) cid parameter in (a) catalogue.asp or the (3) pid parameter in (b) viewDetail.asp.

Reference

http://secunia.com/advisories/22975 http://securityreason.com/securityalert/1900 http://www.securityfocus.com/archive/1/451771/100/0/threaded http://www.securityfocus.com/bid/21056 http://www.vupen.com/english/advisories/2006/4571