Skip to main content

CVE-2006-5962

Severity High
Score 7.5/10

Summary

Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields in the (a) login screen, and (3) searchstring parameter in (b) insearch_list.asp.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published