CVE-2006-5772 Information

Description

Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) password and (2) prod parameter.

Reference

http://secunia.com/advisories/22664 http://www.freewebshop.org/index.php?id=27 http://www.vupen.com/english/advisories/2006/4332 https://exchange.xforce.ibmcloud.com/vulnerabilities/29990 https://www.exploit-db.com/exploits/2704