Affcommerce » Affcommerce : Security Vulnerabilities, CVEs,
Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php.
Max CVSS
6.4
EPSS Score
0.51%
Published
2005-11-30
Updated
2011-03-08
1 vulnerabilities found