CVE-2010-1876

Ajsquare AJ Shopping Cart - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.

Exploits (1)

exploitdb WORKING POC VERIFIED

by v3n0m · textwebappsphp

https://www.exploit-db.com/exploits/12349

View Code ZIP pw:eip

References (4)

Core 4

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/39551

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/12349

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/58049

Exploit x_refsource_misc

http://packetstormsecurity.org/1004-exploits/ajshoppingcart-sql.txt

Scores

EPSS 0.0084

EPSS Percentile 74.9%

Details

CWE

CWE-89

Status published

Products (1)

ajsquare/aj_shopping_cart 1.0

Published May 12, 2010

Tracked Since Feb 18, 2026