CVE-2007-4597 Information

Description

SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote attackers to execute arbitrary SQL commands via the s[cid] parameter in a search_list action a different vector than CVE-2007-2549.

Reference

http://osvdb.org/38440 http://www.securityfocus.com/bid/25445 https://www.exploit-db.com/exploits/4313