1 matches found
Sql injection
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the productid parameter, as demonstrated by a shop/flypage action...