CVE-2009-2023

SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the currentcurrency parameter...

Shop Script Pro 2.12 - SQL Injection

!/usr/bin/perl =about VENDOR Shop Script Pro 2.12 maybe other versions vulnerable too http://www.shop-script.com/ AUTHOR discovered & written by Ams ax330d doggy gmail dot com http://www.0x416d73.name/ VULN. DESCRIPTION Look in index.php at line 101. Variable $currentcurrency is set from...