Page 3 of 11 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2

PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter. PHP Multivendor Ecommerce 1.0 tiene una inyección SQL mediante el parámetro sid en single_detail.php o los parámetros searchcat o chid1 en category.php. • https://www.exploit-db.com/exploits/43293 https://packetstormsecurity.com/files/145336/PHP-Multivendor-Ecommerce-1.0-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •