CVE-2006-4852

SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter.

Date published : 2006-09-18

http://www.securityfocus.com/bid/20075

http://www.securityfocus.com/archive/1/446231/100/0/threaded