Unrated severityNVD Advisory· Published Jan 13, 2015· Updated Jun 17, 2026
CVE-2014-10033
CVE-2014-10033
Description
SQL injection vulnerability in the update_zone function in catalog/admin/geo_zones.php in osCommerce Online Merchant 2.3.3.4 and earlier allows remote administrators to execute arbitrary SQL commands via the zID parameter in a list action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:oscommerce:online_merchant:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oscommerce:online_merchant:*:*:*:*:*:*:*:*range: <=2.3.3.4
- (no CPE)range: <=2.3.3.4
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.