CVE-2008-0498

Publication date

2008-01-30 21:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php.