CVE-2008-3788
CVE-2008-3788 affects PICTURESPRO Photo Cart 3.9. Multiple SQL injection vulnerabilities exist when magic_quotes_gpc is disabled. Attack vectors include remote requests to search.php with qtitle, qid, qyear and to _login.php with email/password, enabling arbitrary SQL execution. Overall CVSS 2.0 ...