CVE-2005-1293

Description

Multiple SQL injection vulnerabilities in default.asp in StorePortal 2.63 allow remote attackers to execute arbitrary SQL commands via the (1) language, (2) bpic, (3) idcategory, (4) content, (5) keyword, or (6) idproduct parameter.

Affected Software
References

Software	From	Fixed in
storeportal / storeportal	2.63	2.63.x

http://digitalparadox.org/advisories/storeportal.txt
http://marc.info/?l=bugtraq&m=111445131808328&w=2
http://secunia.com/advisories/15071

Severity: High

CVE: CVE-2005-1293
Published: May 2, 2005
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE-2005-1293

Description

Details

CVSS v2