SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote malicious users to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thewebforum thewebforum |