CVE-2010-4954
The CVE-2010-4954 entry describes an SQL injection in xt:Commerce Gambio 2008, specifically in the product_reviews_info.php handler. The vulnerability is triggered via the products_id parameter, allowing remote attackers to inject and execute arbitrary SQL commands. Affected software is xt:Commer...