2019-01-23 19:00:00
mitre
PUBLISHED
PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state product_id[] parameter.