Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)
« Joomla DatsoGallery Component SQLi
Maian Guestbook footer.php XSS »

SazCart Multiple Vulnerabilities

Published by TL Guan May 21st, 2008 in E-Commerce and SQL Injection.

Application: SazCart
Affected Version: version 1.5.1 and other versions.
Vendor’s URL: SazCart
Bug Type: SQL injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified and sanitized.
Set “register_globals” to “Off” and “magic_quotes_gpc” to “On”.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional