| VID | 21629 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description |
ProductCart is an e-commerce shopping cart written in ASP for Microsoft Windows. ProductCart 2.7 and earlier contain multiple input validation vulnerabilities that remote attackers can exploit to conduct SQL injection and cross-site scripting attacks.

1) Multiple SQL injection vulnerabilities: input passed to the "idcategory" parameter of "viewPrd.asp", the "lid" parameter of "editCategories.asp", the "idc" parameter of "modCustomCardPaymentOpt.asp", and the "idccr" parameter of "OptionFieldsEdit.asp" is not sanitized before being used in a SQL query. An attacker who supplies SQL syntax in any of these parameters can alter the query the application executes.

2) Cross-site scripting vulnerability: input passed to the "error" parameter of "techErr.asp" is not sanitized before being returned in the page. An attacker who gets a user to follow a crafted link can run arbitrary HTML and script code in that user's browser session in the context of the vulnerable site.

* References: http://echo.or.id/adv/adv16-theday-2005.txt http://securitytracker.com/alerts/2005/Jun/1014129.html
* Platforms Affected: EarlyImpact ProductCart version 2.7 and earlier; Microsoft Windows, any version |
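The check logic below is an added example and is not code from the advisory, the scanner, or EarlyImpact. It builds one probe URL for each (script, parameter) pair the description names and classifies response bodies: a database error after a single-quote probe indicates the SQL injection issue, and a verbatim (not HTML-encoded) marker in the techErr.asp response indicates the reflected XSS. The install path "productcart/pc/", the probe payloads, the database error signatures, the marker tag name and the sample responses are all assumptions constructed for illustration; only the script and parameter names come from the advisory.

```python
"""Offline detection logic for the ProductCart 2.7 parameters named above.

Added example, not code from the advisory or from EarlyImpact. It builds one
probe URL per (script, parameter) pair the advisory lists and classifies
HTTP response bodies. The install path, probe payloads, database error
signatures and the sample responses are assumptions constructed for
illustration; the script and parameter names come from the advisory.
"""
from html import escape
from urllib.parse import urlencode, urljoin

# (script, parameter) pairs the advisory names for SQL injection.
SQLI_TARGETS = [
    ("viewPrd.asp", "idcategory"),
    ("editCategories.asp", "lid"),
    ("modCustomCardPaymentOpt.asp", "idc"),
    ("OptionFieldsEdit.asp", "idccr"),
]
# (script, parameter) the advisory names for reflected cross-site scripting.
XSS_TARGET = ("techErr.asp", "error")

# Error fragments typical of classic ASP/ADO backends when a stray quote
# breaks a query. Assumed: the advisory does not say what ProductCart emits.
DB_ERROR_SIGNATURES = (
    "Microsoft OLE DB Provider",
    "Microsoft JET Database Engine",
    "[Microsoft][ODBC",
    "Syntax error in string in query expression",
    "Unclosed quotation mark",
)

# Inert marker tag (hypothetical name); safe to send, easy to spot on reflection.
XSS_MARKER = "<pcxss>"


def build_probes(base_url, pc_dir="productcart/pc/"):
    """Return (label, url) pairs. pc_dir is an assumed default install path."""
    probes = []
    for script, param in SQLI_TARGETS:
        url = urljoin(base_url, pc_dir + script) + "?" + urlencode({param: "1'"})
        probes.append((f"sqli:{script}:{param}", url))
    script, param = XSS_TARGET
    url = urljoin(base_url, pc_dir + script) + "?" + urlencode({param: XSS_MARKER})
    probes.append((f"xss:{script}:{param}", url))
    return probes


def is_sqli_indicated(body):
    """True when the quote probe produced a database error in the response."""
    return any(sig in body for sig in DB_ERROR_SIGNATURES)


def is_xss_indicated(body):
    """True when the marker comes back verbatim; an HTML-encoded copy is not a hit."""
    return XSS_MARKER in body


def classify(label, body):
    """Route a response body to the right check based on the probe label."""
    if label.startswith("sqli:"):
        return is_sqli_indicated(body)
    if label.startswith("xss:"):
        return is_xss_indicated(body)
    raise ValueError(f"unknown probe label: {label}")


# Constructed sample bodies standing in for live responses (not real captures).
SAMPLE_RESPONSES = {
    "sqli:viewPrd.asp:idcategory": (
        "<html><body>Microsoft JET Database Engine error '80040e14'<br>"
        "Syntax error in string in query expression 'idcategory=1''.</body></html>"
    ),
    "sqli:editCategories.asp:lid": "<html><body>Category list</body></html>",
    "xss:techErr.asp:error": "<html><body>Technical error: <pcxss></body></html>",
    "xss:techErr.asp:error(fixed)": (
        "<html><body>Technical error: " + escape(XSS_MARKER) + "</body></html>"
    ),
}


def run_offline_check(responses=SAMPLE_RESPONSES):
    """Return {label: bool} per sample body; True means the issue is indicated."""
    return {label: classify(label, body) for label, body in responses.items()}


if __name__ == "__main__":
    for label, url in build_probes("http://shop.example/"):
        print(label, url)
    for label, hit in run_offline_check().items():
        print(f"{label:40} {'VULNERABLE' if hit else 'not indicated'}")
```

The error-signature check only fires when the server returns database errors to the client; a deployment with friendly error pages still carries the injection flaw but will not trip this check, so a negative result from the SQL probes is not evidence of a fix. The XSS check is stricter in the other direction: an HTML-encoded copy of the marker (what a fixed techErr.asp should emit) is deliberately not counted as a hit.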
| Recommendation |
No upgrade or patch available as of June 2005. Until a fixed version ships, treat the listed parameters as untrusted: validate the ID parameters before they reach a query (for example, accept only integers) and HTML-encode the "error" parameter before it is written to the page.
-- OR --
Upgrade to the latest version of ProductCart (later than 2.7) once a version that fixes this problem becomes available from the EarlyImpact Web site at http://www.earlyimpact.com/index.asp |
| Related URL | CVE-2005-1967, CVE-2005-1968 (CVE) |
| Related URL | 13881 (SecurityFocus) |
| Related URL | 20956, 20958 (ISS) |