SQL Injection in Shopex Ecshop

CVE-2010-2042

SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information.

Vulnerability class: SQL Injection

EPSS: 0.010 (57.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References