CVE-2012-5317

SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.

Date published : 2012-10-08

http://www.securityfocus.com/bid/51640

http://archives.neohapsis.com/archives/bugtraq/2012-01/0143.html