CVE-2004-1881
CVE-2004-1881 affects CactuShop 5.x. The SQL injection vulnerability occurs in mailorder.asp and payonline.asp, where the user-supplied strItems parameter is not filtered before use in an SQL query, allowing remote attackers to modify queries and potentially execute system commands (e.g., via xp_...