2 matches found
CVE-2008-2339
The CVE-2008-2339 entry describes an SQL injection vulnerability in Turnkey Web Tools SunShop Shopping Cart 3.5.1. The flaw occurs in the index.php file, where an attacker can inject SQL via the id parameter in an item action, potentially allowing remote execution of arbitrary SQL commands. This ...
CVE-2008-3768
The vulnerability is in Turnkey Web Tools SunShop Shopping Cart before 4.1.5, affecting the file component class.ajax.php . The CVE-2008-3768 entry describes multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. Exploitation paths include (1) the id...