Security Advisory

CVE-2008-6258

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-02-24 18:00:00

Last updated 2024-08-07 11:27:34

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108.

← Browse all CVEs View on cve.org ↗