cpe:/a:magicscripts:e-store_kit-1 cpe:/a:magicscripts:e-store_kit-1:::pro_paypal cpe:/a:magicscripts:e-store_kit-2 cpe:/a:magicscripts:e-store_kit-2:::paypal CVE-2008-3594 2008-08-11T19:41:00.000-04:00 2017-09-28T21:31:45.537-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-08-12T13:39:00.000-04:00 BID 30524 SECUNIA 31273 SREASON 4139 EXPLOIT-DB 6193 XF estorekit-viewdetails-sql-injection(44159) SQL injection vulnerability in viewdetails.php in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary SQL commands via the pid parameter.