2 matches found
CVE-2008-6304
This CVE concerns xt:Commerce prior to version 3.0.4 Sp2.1. The vulnerability is a SQL injection that arises when magic_quotes_gpc is enabled and SEO URLs are active, allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Impact is partial confidentiality, integrity,...
CVE-2008-6304
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magicquotesgpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...