CVE-2005-1161

OneWorldStore - SQL Injection

Title source: llm

Description

Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp.

Exploits (3)

exploitdb WRITEUP VERIFIED

by Dcrab · textwebappsasp

https://www.exploit-db.com/exploits/25426

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Dcrab · textwebappsasp

https://www.exploit-db.com/exploits/25425

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Dcrab · textwebappsasp

https://www.exploit-db.com/exploits/25424

View Code ZIP pw:eip

References (11)

Core 11

Core References

Exploit vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013720

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/13183

URL Repurposed x_refsource_confirm

http://www.oneworldstore.com/support_security_issue_updates.asp#April_15_2005_DCrab

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/13182

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/15518

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/15520

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/20097

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/13181

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/15519

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111352017704126&w=2

Patch third-party-advisory x_refsource_secunia

http://secunia.com/advisories/14969

Scores

EPSS 0.0378

EPSS Percentile 88.1%

Details

Status published

Products (1)

oneworldstore/oneworldstore

Published May 02, 2005

Tracked Since Feb 18, 2026