2018-05-22 19:29:00 2018-06-25 23:55:55

iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter.