SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote malicious users to change the account credentials of known users via the "userEmail" parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yeager yeager cms 1.2.1 |