CVE-2004-1806
CFWebStore CFWebStore 5.0.x is vulnerable to SQL injection in index.cfm via the parameters category_id, product_id, or feature_id. The root cause is unsafe SQL construction, enabling remote attackers to run arbitrary SQL and potentially gain administrative access on affected hosts. The assessment...