CVE-2007-3247
CVE-2007-3247 describes an SQL injection in VirtueMart prior to 1.0.11. The vulnerability allows remote attackers to execute arbitrary SQL commands through unspecified parameters, potentially tied to improper input validation of PATH_INFO (PHP_SELF) by virtuemart_parser.php. The initial sources i...