7.5
CVE-2005-1291
- EPSS 1.54%
- Veröffentlicht 23.04.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.54% | 0.717 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=111428393022389&w=2
http://secunia.com/advisories/15055
http://securitytracker.com/id?1013792
http://www.osvdb.org/15771
http://www.osvdb.org/15772
http://www.osvdb.org/15773
http://www.osvdb.org/15774
https://exchange.xforce.ibmcloud.com/vulnerabilities/20246