CVE-2008-0546
The CVE-2008-0546 entry concerns CandyPress (CP) 4.1.1.26 and earlier 4.1.x, which contains multiple SQL injection vulnerabilities. The affected components are the AJAX endpoints: (a) ajax/ajax_optInventory.asp (parameters idProduct and options) and (b) ajax/ajax_getBrands.asp (parameter recid). ...