CVE-2007-3119
CVE-2007-3119 describes a SQL injection vulnerability in the News feature (news.asp) of Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) version 1.0. The flaw allows an attacker to craft the news_id parameter to execute arbitrary SQL commands on the backend database. The description expli...