VirtueMart Unspecified SQL Injection Vulnerability

VirtueMart Unspecified SQL Injection Vulnerability

VirtueMart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerability in the underlying database.

Few technical details are currently available. We will update this BID as more information emerges.

This issue affects versions prior to VirtueMart 1.0.11; other versions may also be vulnerable.