Description
Two vulnerabilities have been reported in Cartweaver, which can be exploited by malicious people to disclose certain sensitive information and conduct SQL injection attacks.
1) Input passed to the "prodId" parameter in details.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) Input passed via the "helpFileName" parameter to AdminHelp.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences.
The vulnerabilities are reported in version 3. Other versions may also be affected.
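As an added illustration of the fixes the two findings call for (not Cartweaver's own code), the following PHP handles each parameter defensively: "prodId" is validated as an integer and bound through a prepared statement, and "helpFileName" is mapped onto a fixed help directory and only included if the resolved path stays inside it. The table and column names, the help directory and the PDO connection are assumptions.

```php
<?php
// Added illustration only; not code from Cartweaver. Table/column names,
// the help directory and the PDO connection are assumptions.

// 1) prodId: treat the value as an integer and bind it, so the parameter
//    can never change the structure of the SQL statement (finding 1).
function fetchProduct(PDO $db, $rawProdId): ?array
{
    // Accept only a plain non-negative integer (no signs, spaces or SQL).
    if (!preg_match('/^\d{1,10}$/', (string) $rawProdId)) {
        return null;            // reject instead of trying to "clean" it
    }
    $stmt = $db->prepare('SELECT * FROM products WHERE prodId = :id');
    $stmt->bindValue(':id', (int) $rawProdId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// 2) helpFileName: never hand the request value to include() directly.
//    Restrict it to a simple name, resolve it under a fixed directory and
//    confirm the canonical path is still inside that directory (finding 2).
function resolveHelpFile(string $rawName, string $helpDir): ?string
{
    // Letters, digits, underscore and dash only: no slashes, dots or NULs.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $rawName)) {
        return null;
    }
    $base = realpath($helpDir);
    $path = realpath($helpDir . DIRECTORY_SEPARATOR . $rawName . '.html');
    if ($base === false || $path === false) {
        return null;            // directory missing or file does not exist
    }
    // realpath() has collapsed any ".." and symlinks; as a second line of
    // defence the result must still sit under the help directory.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// How details.php / AdminHelp.php would call these (assumed wiring):
// $product = fetchProduct($db, $_GET['prodId'] ?? '');
// $help    = resolveHelpFile($_GET['helpFileName'] ?? '', __DIR__ . '/help');
// if ($help !== null) { include $help; }
```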