PT-2026-22363
osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews id parameter. Attackers can send GET requests to product reviews write.php with malicious reviews id values using boolean-based...