Uniwin eCart Professional SQL Injection and Cross-Site Scripting

Uniwin eCart Professional SQL Injection and Cross-Site Scripting
BugsAlert Home > Uniwin eCart Professional SQL Injection and Cross-Site Scripting




Some vulnerabilities have been reported in Uniwin eCart Professional, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Be sure to check if your system is missing security updates or have insecure applications installed: http://secunia.com/software_inspector/ Feature Overview - The Secunia Software Inspector: * Detects insecure versions of applications installed * Verifies that all Microsoft patches are applied * Assists you in updating your system and applications * Runs through your browser. No installation or download is required. Original Source: http://secunia.com/advisories/31545/ Learn more about Uniwin eCart Professional SQL Injection and Cross-Site Scripting


Tags: uniwin ecart professional sql injection cross-site scripting

Related Items
Brief: Hack-and-tell student quits school, awaits trial
CVE-2008-1204 (Java System Access Manager)
CVE-2008-3859 (thickbox_gallery)
Mandriva: Subject: [Security Announce] [ MDVSA-2008:186 ] python
Security Guide for VMware ESX: Helpful But Has Holes
CVE-2008-0563 (Liferay Enterprise Portal)
CVE-2008-3562 (Chupix CMS, cms_contact_module)