SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to execute SQL commands via the (1) category_id, (2) product_id, or (3) feature_id parameters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cfwebstore | Dogpatch_software | 5.0 (including) | 5.0 (including) |