Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ASPilot Pilot Cart多个SQL注入漏洞
Vulnerability Description
ASPilot Pilot Cart 7.3版本中存在多个SQL注入漏洞。远程攻击者可以借助(1)向kb.asp文件传递的article参数,(2)向cart.asp文件传递的specific参数,(3)向contact.asp传递的countrycode参数,以及(4)向search.asp传递的srch参数执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A