2018-05-22 17:00:00
mitre
PUBLISHED
iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter.