CVE-2008-6394

2009-03-04T12:30:00
ID CVE-2008-6394
Type cve
Reporter NVD
Modified 2018-10-11T16:57:09

Description

SQL injection vulnerability in core/user.php in CS-Cart 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the cs_cookies[customer_user_id] cookie parameter.