Multiple SQL Injection Vulnerabilities in CartWIZ

Multiple SQL Injection Vulnerabilities in CartWIZ

CVE-2005-2206 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in CartWIZ allow remote attackers to modify SQL statements via the (1) idProduct parameter to tellAFriend.asp, (2) sortType parameter to viewSupportTickets.asp, or the id parameter to (3) updateCreditCards.asp or (4) deleteCreditCards.asp.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.