SQL Injection Vulnerabilities in E-Commerce Scripts by E-Commerce Scripts
CVE-2007-4121

Currently unrated

Key Information:

Vendor: E-commerce Solutions
Status: Auction Script; Shopping Cart Script; Multi-vendor E-shop Script
Vendor: CVE Published:; 1 August 2007

🔔 Create E-commerce Solutions Vulnerability Alert

What is CVE-2007-4121?

Multiple SQL injection vulnerabilities exist in the admin.aspx file of E-Commerce Scripts, which could allow remote attackers to execute arbitrary SQL commands through the EmailAdd and Pass parameters. These vulnerabilities enable unauthorized access to sensitive data, making it crucial for users to apply updates and adopt security measures.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35680

vdb-entryx_refsource_XF

http://outlaw.aria-security.info/?p=11

x_refsource_MISC

http://www.securityfocus.com/archive/1/475062/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2007
Vulnerability Reserved
Aug 1, 2007

CVE-2007-4121 Data

JSON