2 matches found
CVE-2007-6466
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to execute arbitrary SQL commands via 1 the prod parameter in a details action, 2 the cat parameter in a browse list action, or 3 the group parameter in a categories action. NOTE: it was later reported...
CVE-2007-6466
CVE-2007-6466 affects FreeWebshop 2.2.1 (and MOG-WebShop based on the same code) with multiple SQL injection vulnerabilities in index.php. The exploitable vectors are: (1) prod parameter in a details action, (2) cat parameter in a browse list action, and (3) group parameter in a categories action...