|
Description
|
|
Multiple vulnerabilities have been identified in Sharky e-shop, which could be exploited by remote attackers to perform SQL injection and cross site scripting. These flaws are due to input validation errors in the "search_prod_list.asp" and "meny2.asp" scripts that do not validate the "maingroup" and "secondgroup" parameters, which could be exploited by malicious people to execute arbitrary SQL queries or cause malicious scripting code to be executed by the user's browser.
|
