Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but research by CVE suggests that this might be a legitimate problem
References
Configurations
History
07 Nov 2023, 01:58
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but research by CVE suggests that this might be a legitimate problem |
Information
Published : 2006-03-09 13:06
Updated : 2024-08-07 17:15
NVD link : CVE-2006-1098
Mitre link : CVE-2006-1098
CVE.ORG link : CVE-2006-1098
JSON object : View
Products Affected
digital_builder
- nz_ecommerce
CWE