01642 06 11 11 Arrange Call

SQL Injection Vulnerability in CactuShop 5.x: Remote Code Execution via strItems Parameter

CVE-2004-1881 · HIGH

CVE-2004-1881

SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.

Learn more about our Web Application Penetration Testing UK.