Security Advisory

CVE-2009-1622

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-05-12 16:00:00

Last updated 2024-08-07 05:20:34

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote attackers to execute arbitrary SQL commands via the order_sn parameter in an order_query action.

← Browse all CVEs View on cve.org ↗