CVE-2007-3323
CVE-2007-3323 describes an SQL injection in Comersus Shop Cart 7.07, exploitable via the idProduct parameter to comersus_optReviewReadExec.asp. Remote attackers could execute arbitrary SQL commands; the description notes it may be the same issue as CVE-2005-2190. No remediation or version-specifi...