MidnightBSD

Advisories for mhd_zaher_ghaibeh

CVE-2010-0724 HIGH

SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
mhd_zaher_ghaibeh arab_cart 1.0.2.0
CVE-2010-0725 MEDIUM

Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mhd_zaher_ghaibeh arab_cart 1.0.2.0