Bonza Digital Cart Script is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
- Assesi 'bg' Parameter SQL Injection vulnerability
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
- ApPHP MicroBlog Remote Code Execution Vulnerability
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities
- Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability