CVE-2010-1359 Information

Description

SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce when magic_quotes_gpc is disabled allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference

http://secunia.com/advisories/38197 http://www.securityfocus.com/bid/37808 cpe:2.3:a:bluegate:direct_url::::::::