CVE-2008-2339

Turnkeywebtools Sunshop Shopping Cart - SQL Injection

Title source: rule

Description

SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.

Exploits (1)

exploitdb WORKING POC VERIFIED
by irvian · perlwebappsphp
https://www.exploit-db.com/exploits/31800

References (5)

Scores

EPSS 0.0035
EPSS Percentile 57.3%

Details

CWE
CWE-89
Status published
Products (1)
turnkeywebtools/sunshop_shopping_cart 3.5.1
Published May 19, 2008
Tracked Since Feb 18, 2026