CVE-2008-4534
EC-CUBE contains a SQL injection vulnerability in Version 2.x (2.1.2a and earlier, and 2.x RC 2.3.0-rc1 and earlier). The root cause is unsafeguarded SQL construction via unspecified vectors, allowing remote attackers to execute arbitrary SQL commands. Impact described includes potential elevatio...