__________________________ A R I A - S E C U R I T Y ___________________________ A-Cart SQL Injection And Cross-Site Scripting http://alanward.net Cross Site Scripting: http://localhost/path/error.asp?msg=XSS SQL Injection: http://localhost/path/product.asp?productid=' SQL COMMAND Table Names are: categories customers orderitems orders products users (username,fullname,password,privileges) Credits Goes To Aria-Security Team http://Aria-Security.Net The-0utl4w