SQL Injection Vulnerability in Quick.cart 0.3.0 via iCategory Parameter

SQL Injection Vulnerability in Quick.cart 0.3.0 via iCategory Parameter

CVE-2005-1588 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iCategory parameter. NOTE: the vendor has privately disputed this issue, saying that Quick.cart does not even use SQL and therefore can not be vulnerable to SQL injection

Learn more about our Web Application Penetration Testing UK.