SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 up to and including 6.20 allows remote malicious users to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
deltascripts php classifieds 6.18 |
||
deltascripts php classifieds 6.19 |
||
deltascripts php classifieds 6.20 |