SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.0%