Xt-commerce : Security Vulnerabilities, CVEs, Published In 2009 (Sql injection)
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled and the SEO URLs are activated, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.20%
Published
2009-02-26
Updated
2024-03-19
1 vulnerabilities found