Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp.
http://marc.info/?l=bugtraq&m=105760660928715&w=2
http://marc.info/?l=bugtraq&m=105733145930031&w=2
Source: Mitre, NVD
Published: 2003-08-18
Updated: 2016-10-18
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Severity: Critical
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H