CVE-2006-1098
Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the 1 informationID or 2 ParentCategory parameter to index.php. NOTE: the vendor has disputed this issue in a comment on the researcher's blog, but research by CVE suggests that thi...