CVE-2010-0690
CVE-2010-0690 is an SQL injection affecting the CommodityRentals Video Games Rentals product, via the index.php pfid parameter in a catalog action. The underlying issue allows remote attackers to manipulate SQL commands and potentially access or alter data. Exploitation is documented (Exploit DB ...