Multiple SQL injection vulnerabilities in OneWorldStore allow remote malicious users to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oneworldstore oneworldstore |