CVE-2005-2190 Information

Description

Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to comersus_optAffiliateRegistrationExec.asp or (2) idProduct parameter to comersus_optReviewReadExec.asp.

Reference

http://marc.info/?l=bugtraq&m=112077057001064&w=2 http://securitytracker.com/id?1014419