Advanced Webhost Billing System < 2.9.2 - SQL Injection via cart.php oid Parameter
SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the oid parameter in an add_other action.