Unrated severityNVD Advisory· Published Dec 30, 2010· Updated Jun 16, 2026
CVE-2010-4632
CVE-2010-4632
Description
Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute arbitrary SQL commands via the (1) article parameter to kb.asp, (2) specific parameter to cart.asp, (3) countrycode parameter to contact.asp, and the (4) srch parameter to search.asp. NOTE: the article parameter to pilot.asp is already covered by CVE-2008-2688.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:pilotcart:pilot_cart:7.3:*:*:*:*:*:*:*
- Range: =7.3
Patches
Vulnerability mechanics
References
6- advisories.ariko-security.com/november/audyt_bezpieczenstwa_745.htmlnvdExploit
- marc.infonvdExploit
- www.exploit-db.com/exploits/15448nvdExploit
- www.securityfocus.com/bid/44698nvdExploit
- secunia.com/advisories/30176nvdVendor Advisory
- packetstormsecurity.org/1011-exploits/aspilotpilotcart-sqlxssinject.txtnvd
News mentions
0No linked articles in our index yet.