Preproject: >> Pre Multi-Vendor Shopping Malls Security Vulnerabilities
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote attackers to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-02-20
Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
CVSS Score
7.5
EPSS Score
0.016
Published
2009-02-20