|Title:||ProductCart SQL Injection|
The remote host is using the ProductCart software suite.
This set of CGIs is vulnerable to a SQL injection bug which may allow
an attacker to take the control of the server as an administrator.
From there, he can obtain the list of customers, steal their credit
card information and more.
In addition to this, this software is vulnerable to various
file disclosure and cross site scripting flaws.
Solution : Upgrade to the latest version of ProductCart
Risk factor : High
BugTraq ID: 8103|
BugTraq ID: 8105
BugTraq ID: 8108
BugTraq ID: 8112
|Copyright||This script is Copyright (C) 2003 Tenable Network Security|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.