SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote malicious users to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
saphp saphplesson 1.1 |
||
saphp saphplesson 2.0 |