Family: CGI abuses --> Category: infos
MetaCart E-Shop ProductsByCategory.ASP SQL and XSS Injection Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
MetaCart E-Shop ProductsByCategory.ASP XSS and SQL injection Vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is running the MetaCart e-Shop, an online store written in ASP.
Due to a lack of user input validation, the remote version of this software is vulnerable
to various SQL injection vulnerabilities and cross site scripting attacks.
A possible hacker may exploit these flaws to execute arbitrary SQL commands against the remote
database or to perform a cross site scripting attack using the remote host.
Solution : None at this time
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.