CVE-2010-4908

Name of the Vulnerable Software and Affected Versions Virtue Shopping Mall (affected versions not specified)

Description A SQL injection issue exists in the detail.php file of Virtue Shopping Mall, allowing remote attackers to execute arbitrary SQL commands by manipulating the prodid parameter in the API endpoint.

Recommendations For Virtue Shopping Mall, avoid using the prodid parameter in the affected detail.php file until the issue is resolved. Restrict access to the detail.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.