CVE-2006-7170
CVE-2006-7170 describes multiple SQL injection vulnerabilities in Koan Software Mega Mall. The affected components are the PHP scripts (a) product_review.php via parameters t, productId, sk, x, or so, and (b) order-track.php via parameter orderNo. The root cause is unsafely concatenated SQL in th...