CVE-2008-6304

2009-02-26T23:30:00
ID CVE-2008-6304
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:29:00

Description

SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.