SQL injection vulnerability in VirtueMart before 1.0.11 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly related to improper input validation of the PATH_INFO (PHP_SELF) by virtuemart_parser.php.
CPE | Name | Operator | Version |
---|---|---|---|
virtuemart | le | 1.0.9 |