mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-22 22:19:39 +02:00
0xMarcio
828 B
828 B
CVE-2005-0994
Description
Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it is possible that item (2) is the result of a typo or editing error from the original research report.
POC
Reference
No PoCs from references.