cve/2011/CVE-2011-3988.md

CVE-2011-3988

Description

SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

POC

Reference

• http://www.ec-cube.net/release/detail.php?release_id=286

Github

No PoCs found on GitHub currently.