2 matches found
CVE-2006-7171
CVE-2006-7171 affects Koan Software Mega Mall. The vulnerability occurs in product_review.php, where remote attackers can cause disclosure of the installation path by sending a request with an empty value for the x[] parameter. The provided documents do not specify affected versions, root cause d...
CVE-2006-7170
CVE-2006-7170 describes multiple SQL injection vulnerabilities in Koan Software Mega Mall. The affected components are the PHP scripts (a) product_review.php via parameters t, productId, sk, x, or so, and (b) order-track.php via parameter orderNo. The root cause is unsafely concatenated SQL in th...