Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it is possible that item (2) is the result of a typo or editing error from the original research report.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ProductCart 安全漏洞
Vulnerability Description
ProductCart是NetSource团队的一个购物车软件。提供了一套完整的在线销售功能。 ProductCart 2.7存在安全漏洞,远程攻击者可以通过传给advSearch_h.asp的Category或resultCnt参数,或传给tarinasworld_butterflyjournal.asp的offset参数执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A