Vulnerabilities > Cpcommerce > Cpcommerce > 1.2.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-04-20 | CVE-2009-1345 | SQL Injection vulnerability in Cpcommerce 1.2.8 SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | 7.5 |