CVE-2006-7170

2007-03-2010:00:00

mitre

www.cve.org

AI Score

8.5

Confidence

Low

EPSS

0.001

Percentile

51.1%

JSON

Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php.

References

marc.info/?l=bugtraq&m=116343783720459&w=2

www.securityfocus.com/bid/21072

exchange.xforce.ibmcloud.com/vulnerabilities/30214