CVE-2007-3247

2007-06-18T10:30:00
ID CVE-2007-3247
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:32:00

Description

SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly related to improper input validation of the PATH_INFO (PHP_SELF) by virtuemart_parser.php.