CVE-2010-2042

2010-05-2514:00:00

mitre

www.cve.org

AI Score

8.3

Confidence

Low

EPSS

0.001

Percentile

27.8%

JSON

SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information.

References

packetstormsecurity.org/1005-exploits/ecshopsearch-sql.txt

secunia.com/advisories/39930

www.exploit-db.com/exploits/12702

www.securityfocus.com/bid/40338