CVE-2010-4147

Publication date

2010-11-01 23:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php.