2 matches found
CVE-2010-2140
CVE-2010-2140 describes a SQL injection in the Multishop CMS, specifically in the itemdetail.php script via the itemid parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands, with impact described as partial confidentiality, integrity, and availability compromise. ...
CVE-2010-2139
CVE-2010-2139 affects Multishop CMS (pages.php) with a vulnerability that allows remote attackers to execute arbitrary SQL commands through the id parameter. The issue is described as a SQL injection in pages.php, with the note that provenance is unknown and details were obtained from third party...