SQL Injection in My123tkshop E-commerce-suite

CVE-2007-6458

SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded value of the admin parameter to shop/admin.php.

Vulnerability class: SQL Injection

EPSS: 0.020 (78.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References