Family: CGI abuses --> Category: infos
WebStores 2000 browse_item_details.asp SQL injection Vulnerability Scan
Vulnerability Scan Summary
WebStores 2000 SQL injection
Detailed Explanation for this Vulnerability Test
The remote web server contains an ASP application that is prone to SQL
The remote web server is running WebStore 2000, a set of ASP scripts
designed to set up an e-commerce store.
There is a flaw in the version of WebStore used on the remote host
that may allow a possible hacker to make arbitrary SQL statements to the
backend database. A possible hacker may be able to exploit this issue to
add administrative accounts, execute arbitrary commands using the
'xp_cmdshell' function, and the like.
See also :
Unknown at this time.
High / CVSS Base Score : 7
Click HERE for more information and discussions on this network vulnerability scan.