CVE-2005-4330 Information

Description

SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall allows remote attackers to execute arbitrary SQL commands via the (1) id (2) store and (3) step parameters.

Reference

http://pridels0.blogspot.com/2005/12/ihtml-merchant-mall-sql-inj.html http://secunia.com/advisories/18073 http://www.osvdb.org/21830 http://www.securityfocus.com/bid/15910 http://www.vupen.com/english/advisories/2005/2968