CVE-2006-4267
CVE-2006-4267 affects CubeCart and earlier versions (up to 3.0.11) with multiple SQL injection flaws. Remote attackers can trigger SQL commands via the parameters (1) oid in modules/gateway/Protx/confirmed.php and (2) x_invoice_num in modules/gateway/Authorize/confirmed.php. The NVD entry lists a...