Multiple SQL injection vulnerabilities in ProductCart Ecommerce prior to 2.7 allow remote malicious users to execute arbitrary SQL commands via the (1) idcategory parameter to viewPrd.asp, (2) lid parameter to editCategories.asp, (3) icd parameter to modCustomCardPaymentOpt.asp, or (4) idccr parameter to OptionFieldsEdit.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
early impact productcart ecommerce |