CVE-2008-1750

SQL injection vulnerability in Integry Systems LiveCart 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to the /category URI.

Published: Apr 11, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1750
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
livecart / livecart	1.1.0	1.1.0.x
livecart / livecart	1.1.1	1.1.1.x
livecart / livecart	1.0.1	1.0.1.x

http://livecart.com/news/LiveCart-1-1-2-released.12
http://seclists.org/bugtraq/2008/May/0021.html
http://secunia.com/advisories/29765
http://www.osvdb.org/44358
http://www.securityfocus.com/bid/28723
https://exchange.xforce.ibmcloud.com/vulnerabilities/41750
https://www.exploit-db.com/exploits/5422

Vulnerability Database

CVE-2008-1750