CVE-2008-6394

2009-03-04T17:30:00
ID CVE-2008-6394
Type cve
Reporter cve@mitre.org
Modified 2018-10-11T20:57:00

Description

SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.