SQL Injection Vulnerability in CS-Cart by Simbirsk Technologies
CVE-2005-4429

Currently unrated

Key Information:

Vendor: Cs-cart
Status: Cs-cart
Vendor: CVE Published:; 21 December 2005

What is CVE-2005-4429?

CS-Cart version 1.3.0 is susceptible to an SQL injection vulnerability that permits remote attackers to execute arbitrary SQL commands. This can be achieved through the manipulation of the 'sort_by' and 'sort_order' parameters in index.php, potentially compromising the integrity and confidentiality of the database. It is essential for users of this application to apply appropriate security measures to mitigate the risks associated with this vulnerability.

References

http://attrition.org/pipermail/vim/2006-January/000450.html

mailing-listx_refsource_VIM

http://www.securityfocus.com/bid/16134

vdb-entryx_refsource_BID

http://www.osvdb.org/21370

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 21, 2005
Vulnerability Reserved
Dec 20, 2005

Cs-cart

What is CVE-2005-4429?

References

Timeline