Bonza Digital Cart Script Cross Site Scripting And SQL Injection Vulnerabilities Network Vulnerability

Summary

Bonza Digital Cart Script is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

References

http://www.securityfocus.com/bid/49262
http://www.turnkeycentral.com/scripts/bonza-digital-cart-script/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Information Disclosure Vulnerability
Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
AWStats configdir parameter arbitrary cmd exec
Baby Gekko CMS Multiple Vulnerabilities
ALCASAR Remote Code Execution Vulnerability

Bonza Digital Cart Script Cross Site Scripting and SQL Injection Vulnerabilities

Take action and discover your vulnerabilities