Summary
FishCart, in use since January 1998, is a proven Open Source e-commerce system for products, services, online payment and online donation management. Written in PHP4, FishCart has been tested on Windows NT, Linux, and various Unix platforms.
FishCart presently supports the MySQL, PostgreSQL, Solid, Oracle and MSSQL.
FishCart contains multiple SQL injection vulnerabilities in the program that can be exploited to modify/delete/insert entries into the database.
In addition, the program suffers from cross site scripting vulnerabilities.
Severity
Classification
-
CVE CVE-2005-1486, CVE-2005-1487 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities