CVE-2006-4871

Publication date

2006-09-19 21:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan Janghorbani) EShoppingPro 1.0 allows remote attackers to execute arbitrary SQL commands via the order parameter.