Description
SQL injection vulnerability in customer_testimonials.php in the Customer Testimonials 3 and 3.1 Addon for osCommerce Online Merchant 2.2 allows remote attackers to execute arbitrary SQL commands via the testimonial_id parameter.
Remediation
References
Related Vulnerabilities
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.39)
WordPress 3.7.4 Multiple Vulnerabilities (3.7 - 3.7.4)
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7871)
WordPress Plugin Uncanny Toolkit for LearnDash Cross-Site Request Forgery (3.6.4.1)
WordPress Plugin ImageBoss-Images Up To 60% Smaller & CDN Cross-Site Scripting (3.0.4)