CVE-2007-4121

Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote attackers to execute arbitrary SQL commands via the (1) EmailAdd (Username) and (2) Pass (password) parameters. NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1

cpe:2.3:a:e-commerce_solutions:auction_script:*:*:*:*:*:*:*:*
cpe:2.3:a:e-commerce_solutions:shopping_cart_script:*:*:*:*:*:*:*:*
cpe:2.3:a:e-commerce_solutions:multi-vendor_e-shop_script:*:*:*:*:*:*:*:*

Information

Published : 2007-08-01 04:17

Updated : 2018-10-15 09:33


NVD link : CVE-2007-4121

Mitre link : CVE-2007-4121

Products Affected
No products.