CVE-2004-1881

Description

SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15686

http://www.osvdb.org/4786

http://www.osvdb.org/4785

http://secunia.com/advisories/11272

http://marc.info/?l=bugtraq&m=108075059013762&w=2

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3