CVE-2008-3561 Information

Description

SQL injection vulnerability in s03.php in Powergap Shopsystem when magic_quotes_gpc is disabled allows remote attackers to execute arbitrary SQL commands via the ag parameter.

Reference

http://packetstorm.linuxsecurity.com/0808-exploits/powergap-sql.txt http://secunia.com/advisories/31382 http://www.securityfocus.com/bid/30558 https://exchange.xforce.ibmcloud.com/vulnerabilities/44270