[VIM] Dup: litecommerce 2004 (category_id) Remote SQL Injection Vulnerability

George A. Theall theall at tenablesecurity.com
Wed Aug 22 02:25:05 UTC 2007

Previous message: [VIM] Recent DB2 Vulnerabilities
Next message: [VIM] r0t's old blog posts found
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

milw0rm 4300 seems like a subset of the issues described by Diabolic 
Crab in his/her/its Bugtraq posting from April 2005:

   http://www.securityfocus.com/archive/1/395130/30/0/threaded

Both involve the 'category_id' parameter to the 'cart.php' script when 
"target=category".

George
-- 
theall at tenablesecurity.com

Previous message: [VIM] Recent DB2 Vulnerabilities
Next message: [VIM] r0t's old blog posts found
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the VIM mailing list