2 matches found
CVE-2010-1857
CVE-2010-1857 affects RepairShop2 1.9.023 Trial, in which a vulnerability in index.php (products.details action) allows SQL injection when magic_quotes_gpc is disabled. The underlying flaw is that user-controlled input in the prod parameter is not properly sanitized, enabling remote attackers to ...
CVE-2010-1857
SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a products.details action. NOTE: the provenance of this information is unknown; the details are obtained sole...