CVE-2004-1881

2005-05-1004:00:00

mitre

www.cve.org

AI Score

8.3

Confidence

Low

EPSS

0.011

Percentile

84.4%

JSON

SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.

References

marc.info/?l=bugtraq&m=108075059013762&w=2

secunia.com/advisories/11272

securitytracker.com/id?1009601

www.osvdb.org/4785

www.osvdb.org/4786

www.s-quadra.com/advisories/Adv-20040331.txt

www.securityfocus.com/bid/10019

exchange.xforce.ibmcloud.com/vulnerabilities/15686