SQL Injection Vulnerability in CactuShop 5.x: Remote Code Execution via strItems Parameter
CVE-2004-1881 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.
Learn more about our Web Application Penetration Testing UK.