Unrated severityNVD Advisory· Published Nov 17, 2006· Updated Apr 23, 2026

CVE-2006-5962

Description

Multiple SQL injection vulnerabilities in Hpecs Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields in the (a) login screen, and (3) searchstring parameter in (b) insearch_list.asp.

Affected products

Hpecs Shopping Cart/Hpecs Shopping Cart
cpe:2.3:a:hpecs_shopping_cart:hpecs_shopping_cart:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/22904nvdVendor Advisory
securityreason.com/securityalert/1879nvd
www.securityfocus.com/archive/1/451595/100/0/threadednvd
www.vupen.com/english/advisories/2006/4535nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30287nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30288nvd
www.exploit-db.com/exploits/2782nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000