CVE-2008-5216

Description

SQL injection vulnerability in category_list.php in AJ Square ZeusCart 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Affected products

• aj_square / zeuscart2.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/42333
• MISChttp://securityreason.com/securityalert/4636
• MISChttp://www.securityfocus.com/bid/29155
• EXPLOIThttps://www.exploit-db.com/exploits/5594