Bonza Digital Cart Script Cross Site Scripting And SQL Injection Vulnerabilities Network Vulnerability

Summary

Bonza Digital Cart Script is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

References

http://www.securityfocus.com/bid/49262
http://www.turnkeycentral.com/scripts/bonza-digital-cart-script/

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Acidcat CMS Multiple Vulnerabilities
AstroSPACES profile.php SQL Injection Vulnerability
Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
Alchemy Eye HTTP Command Execution

Bonza Digital Cart Script Cross Site Scripting and SQL Injection Vulnerabilities

Take action and discover your vulnerabilities