SQL injection vulnerability in index.php in eSHOP100 allows remote malicious users to execute arbitrary SQL commands via the SUB parameter.
eshop100 eshop100 _nil_