SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and previous versions allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oscommerce online merchant |