Multiple SQL injection vulnerabilities in K-Search 1.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
turn-k k-search |