VYPR

Reward points addon

by Office Ocx

CVEs (1)

  • CVE-2009-2579Aug 5, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in reward_points.post.php in the Reward points addon in CS-Cart before 2.0.6 allows remote authenticated users to execute arbitrary SQL commands via the sort_order parameter in a reward_points.userlog action to index.php, a different vulnerability…