RSS   Podatności dla 'Mega mall'   RSS

2007-03-20
 
CVE-2006-7171

 

 
product_review.php in Koan Software Mega Mall allows remote attackers to obtain the installation path via a request with an empty value of the x[] parameter.

 
 
CVE-2006-7170

 

 
Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top