# CVE-2009

<table><thead><tr><th width="170.60003662109375">CVE</th><th width="364.800048828125">CVE Description</th><th>Reference</th></tr></thead><tbody><tr><td>CVE-2009-2023</td><td>SQL injection vulnerability in index.php in Shop-Script Pro 2.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the current_currency parameter.</td><td><a href="https://www.exploit-db.com/exploits/8906">https://www.exploit-db.com/exploits/8906</a></td></tr></tbody></table>