CVE-2006-5959 - Closed circuit Grants

Description

SQL injection vulnerability in browse.asp in A+ Store E-Commerce allows remote attackers to execute arbitrary SQL commands via the ParentID parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2006-11/0248.html http://www.securityfocus.com/bid/21092 http://secunia.com/advisories/22918/ http://www.osvdb.org/30417 http://securityreason.com/securityalert/1880 https://exchange.xforce.ibmcloud.com/vulnerabilities/30283