CVE-2010-2042
ECShop 2.7.2 has an SQL injection in search.php via the encode parameter, allowing remote execution of arbitrary SQL commands. Affected component: ECShop (version 2.7.2); vulnerability arises from improper handling in search.php. Impact details and remediation steps are not provided in the suppli...