CVE-2006-3402

Name of the Vulnerable Software and Affected Versions VirtuaStore version 2.0

Description The issue allows remote attackers to execute arbitrary SQL commands via the password parameter when logging in. This is achieved by exploiting a SQL injection vulnerability.

Recommendations For VirtuaStore version 2.0, consider restricting access to the login functionality until a patch is available, and avoid using the password parameter in a way that could facilitate SQL injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.