CVE-2007-4121 in Multi-Vendor E-Shop Scriptinfo

Summary

Multiple SQL injection vulnerabilities in admin.aspx in E-Commerce Scripts Shopping Cart Script, Multi-Vendor E-Shop Script, and Auction Script allow remote attackers to execute arbitrary SQL commands via the (1) EmailAdd (Username) and (2) Pass (password) parameters. NOTE: some of these details are obtained from third party information.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

08/01/2007

Disclosure

08/01/2007

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
38127	E-commerce Solutions Multi-Vendor E-Shop Script admin.aspx sql injection	89	High	Unavailable	CVE-2007-4121

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!