Back to search
CVE-2010-4632
Published: Dec 30, 2010
Modified: Sep 17, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
30176
third-party-advisory
x_refsource_SECUNIA
15448
exploit
x_refsource_EXPLOIT-DB
44698
vdb-entry
x_refsource_BID
20101107 ASPilot Pilot Cart 7.3 multiple vulnerabilities
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now