Multiple SQL injection vulnerabilities in phpYellowTM Pro Edition and Lite Edition 5.33 allow remote malicious users to execute arbitrary SQL commands via the (1) haystack parameter to search_result.php or (2) ckey parameter to print_me.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpyellow phpyellowtm lite 5.33 |
||
phpyellow phpyellowtm pro 5.33 |