CVE-2008-4746 Information

Description

Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp.

Reference

http://secunia.com/advisories/31545 http://www.uniwin.com/eCart_revisions.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/44609