CVE-2015-1476
Multiple SQL injection vulnerabilities affect the xlinkerz ecommerceMajor CMS. The issues allow remote attackers to execute arbitrary SQL commands via (1) productbycat in product.php or (2) username or (3) password in __admin/index.php. Attacker-supplied input is used in SQL queries, enabling dat...