MetaLinks.MetaCart2.IntCatalogID.SQL.Injection
Description
It indicates a possible exploit of a sql injection vulnerability in MetaCart that may allow remote attackers to execute arbitrary SQL commands via a parameter intCatalogID, in productsByCategory.asp.
Affected Products
MetaLinks MetaCart2 for SQL Server UK Edition
MetaLinks MetaCart2 for PayPal
MetaLinks MetaCart2 for PayFlow Link
Impact
Compromise of affected system
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |