CVE-2005-1291 - Transisthmian Raccoon Dog
Description
Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp the (3) priceFrom (4) idCategory or (5) priceTo parameter to searchResults.asp or (6) the idParentCategory parameter to productCatalogSubCats.asp.
Reference
http://secunia.com/advisories/15055 http://securitytracker.com/id?1013792 http://www.osvdb.org/15771 http://www.osvdb.org/15772 http://www.osvdb.org/15773 http://www.osvdb.org/15774 http://marc.info/?l=bugtraq&m=111428393022389&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/20246