CVE-2009-4198

2009-12-04T19:30:00
ID CVE-2009-4198
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:29:00

Description

SQL injection vulnerability in my_orders.php in MyMiniBill allows remote authenticated users to execute arbitrary SQL commands via the orderid parameter in a status action.