SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote malicious users to execute arbitrary SQL commands via the to_userid parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
runcms runcms 1.3a |
||
runcms runcms 1.3a2 |
||
runcms runcms 1.2 |