CVE-2008-3412
CVE-2008-3412 is a SQL injection in Comsenz EPShop (ECShop) prior to 3.0. The vulnerability is exploitable via the pid parameter in the pro_show or disppro actions to the default URI, enabling remote attackers to execute arbitrary SQL commands. The exploitation status is not detailed in the provi...