SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 allows remote malicious users to execute arbitrary SQL commands via the Type_id parameter.
enthrallweb ecars 1.0