CVE-2006-6034

Name of the Vulnerable Software and Affected Versions SitesOutlet E-commerce Kit-1 PayPal Edition (affected versions not specified)

Description The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited through specific parameters in certain files, including the keyword or cid parameter in "catalogue.asp", and the pid parameter in "viewDetail.asp".

Recommendations For SitesOutlet E-commerce Kit-1 PayPal Edition, consider restricting access to the catalogue.asp and viewDetail.asp files until a patch is available. As a temporary workaround, avoid using the keyword, cid, and pid parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.