The provided text describes SQL injection vulnerabilities in Cetera eCommerce due to insufficient input sanitization. It includes example URIs demonstrating the vulnerability but lacks functional exploit code.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Cetera eCommerce 14.0 and previous versions
No auth needed
Prerequisites:Access to the vulnerable web application