2 matches found
Sql injection
Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'productid' to addtocart.php, a different vulnerability than CVE-2008-4461...
CVE-2008-4461
CVE-2008-4461 affects Vastal I-Tech Dating Zone (likely version 0.9.9). The vulnerability is an SQL injection in the advanced_search_results.php script allowing an attacker to manipulate the fage parameter to execute arbitrary SQL commands. This enables remote exploitation with potential impact o...