CVE-2004-1881

Publication date

2005-05-10 04:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.