Description

SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter.

Remediation

References

CVE-2008-0719

Related Vulnerabilities

Apache HTTP Server Improper Access Control Vulnerability (CVE-2016-4979)

Perl Out-of-bounds Read Vulnerability (CVE-2015-8608)

WordPress Plugin Scoutnet Kalender Cross-Site Scripting (1.1.0)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (2.8.6)

XWiki Missing Authentication for Critical Function Vulnerability (CVE-2022-24820)

Severity

High

Classification

CVE-2008-0719 CWE-138

Tags

Missing Update Known Vulnerabilities