Published: 07/08/2003 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

SQL injection vulnerability in Cyberstrong eShop 4.2 and previous versions allows remote malicious users to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cyberstrong eshop

source: wwwsecurityfocuscom/bid/14103/info CyberStrong eShop is prone to an SQL injection vulnerability As a result, the attacker may modify the structure and logic of an SQL query that is made by the application The attacker may accomplish this by passing malicious SQL syntax to the vulnerable '10expandasp' script It is reported tha ...

source: wwwsecurityfocuscom/bid/14101/info CyberStrong eShop is prone to an SQL-injection vulnerability As a result, the attacker may modify the structure and logic of an SQL query that is made by the application The attacker may accomplish this by passing malicious SQL syntax to the vulnerable '20reviewasp' script Reportedly, the at ...

NVD-CWE-Other http://www.securityfocus.com/bid/14101 http://www.securityfocus.com/bid/14103 http://www.securityfocus.com/bid/14112 http://www.osvdb.org/10098 http://www.osvdb.org/10099 http://www.osvdb.org/10100 http://securitytracker.com/id?1007092 http://secunia.com/advisories/9165 http://marc.info/?l=bugtraq&m=105709450711395&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/12485 https://nvd.nist.gov https://www.exploit-db.com/exploits/25923/

CVE-2003-0509

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect