1 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

SQL injection vulnerability in index.php in Airvae Commerce 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. Vulnerabilidad de inyección SQL en index.php de Airvae Commerce 3.0; permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro pid. • https://www.exploit-db.com/exploits/5689 http://secunia.com/advisories/30440 http://securityreason.com/securityalert/4637 http://www.securityfocus.com/bid/29423 https://exchange.xforce.ibmcloud.com/vulnerabilities/42734 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •