Published:2006/04/13 Last Updated:2008/05/21
JVN#10222000
QUICK CART OS command injection vulnerability
Overview
QUICK CART is a shopping cart system that provides functionalities used for managing an Internet store.
An OS command injection vulnerability exists in QUICK CART as it does not properly validate the user input.
Products Affected
- QUICK CART Ver 1
- QUICK CART Ver 2
- QUICK CART Free
- QUICK CART Pro
- QUICK CART Plugin for Movable Type 3.2
Description
Impact
A remote attacker could execute arbitrary operating system commands on a server running QUICK CART.
Solution
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| QUICK-SOLUTION.COM | Vulnerable | 2006/04/13 |
| Vendor | Link |
| QUICK-SOLUTION.COM |
QUICK-SOLUTION.COM |
References
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2006-000610 |