2 matches found
CVE-2010-1327
CVE-2010-1327 refers to SQL injection in TornadoStore 1.4.3 and earlier. The vulnerability affects the web app via two input points: (1) the precios.php3 script with the vulnerable parameter marca , and (2) the control/abm_list.php33 action for delivery_courier with the where parameter. Exploitat...
TornadoStore 1.4.3 SQL Injection
Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ Multiple SQL Injection in TornadoStore 1.4.3 1. Advisory Information Title: Multiple SQL Injection in TornadoStore 1.4.3 Advisory ID: BONSAI-2010-0106 Advisory URL:...