SQL injection vulnerability in lshop.cgi in Cosmoshop 8.11.106 and earlier allows remote attackers to execute arbitrary SQL commands via the artnum parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Cosmoshop |
Cosmoshop |
* |
8.11.106 |
Cosmoshop |
Cosmoshop |
8.10.78 |
8.10.78 |
References