SQL Injection Vulnerability in Cyberstrong eShop 4.2 and Earlier: Remote Authentication Information Theft and Privilege Escalation
CVE-2003-0509 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp.
Learn more about our Web Application Penetration Testing UK.