Unrated severityNVD Advisory· Published May 19, 2008· Updated Apr 23, 2026

CVE-2008-2339

Description

SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.

Affected products

Turnkey Web Tools/Sunshop Shopping Cart
cpe:2.3:a:turnkeywebtools:sunshop_shopping_cart:3.5.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/29241nvdExploit
secunia.com/advisories/30282nvdVendor Advisory
securityreason.com/securityalert/3894nvd
www.securityfocus.com/archive/1/492120/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/42467nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000