Web4Future eCommerce Enterprise Edition 2.1 viewbrands.php bid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15707/info eCommerce Enterprise Edition is prone to multiple SQL injection vulnerabilities. These vulnerabilities could permit remote attackers to pass malicious input to database queries, resulting in modification of que...

CVE-2005-4035

Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 prod, and 2 brid parameters to a view.php; the 3 the bid parameter to b viewbrands.php; and the 4 grp and 5 cat parameters to...