1 results (0.005 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2
CVE-2017-17624 – PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
https://notcve.org/view.php?id=CVE-2017-17624
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter. PHP Multivendor Ecommerce 1.0 tiene una inyección SQL mediante el parámetro sid en single_detail.php o los parámetros searchcat o chid1 en category.php. • https://www.exploit-db.com/exploits/43293 https://packetstormsecurity.com/files/145336/PHP-Multivendor-Ecommerce-1.0-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •