SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote malicious users to execute arbitrary SQL commands via the file parameter.
source: wwwsecurityfocuscom/bid/15399/info
phpWebThings is prone to an SQL injection vulnerability This is an input validation issue related to data that will be used in SQL queries, allowing a remote user to influence the structure and logic of a query
It is likely that the issue could compromise the software Depending on the databas ...