CVE-2010-4735

Ecommercemax Solutions DGS <1.5 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4735. PoCs published by R4dc0re.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Ecommercemax Solutions Digital Good Seller version 1.5. The vulnerability is triggered via the 'd' parameter in the shoppingcart.asp page.

Description

SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by R4dc0re · textwebappsasp

https://www.exploit-db.com/exploits/15687

View Code ZIP pw:eip

This is a writeup describing a SQL injection vulnerability in Ecommercemax Solutions Digital Good Seller version 1.5. The vulnerability is triggered via the 'd' parameter in the shoppingcart.asp page.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: Ecommercemax Solutions Digital Good Seller 1.5

No auth needed

Prerequisites: access to the vulnerable shoppingcart.asp page

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/69630

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/45204

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/15687

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42466

Scores

EPSS 0.0099

EPSS Percentile 58.0%

Details

CWE

CWE-89

Status published

Products (1)

ecommercemax/digital-goods_seller 1.5

Published Feb 16, 2011

Tracked Since Feb 18, 2026