Vulnerabilities > Ecshop > Ecshop > 2.5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-12 | CVE-2009-1622 | SQL Injection vulnerability in Ecshop 2.5.0 SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote attackers to execute arbitrary SQL commands via the order_sn parameter in an order_query action. | 7.5 |