SitesOutlet Ecommerce Kit Multiple SQL Injection Vulnerabilities

SitesOutlet Ecommerce Kit Multiple SQL Injection Vulnerabilities

An attacker can exploit these issues via a web client.

The following proof-of-concept URIs are available

http://www.example.com/PATH/catalogue.asp?keyword=[sql]
http://www.example.com/PATH/catalogue.asp?cid='[sql]
http://www.example.com/PATH//viewDetail.asp?pid='[sql]