SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote malicious users to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
musox df msanalysis 1.0.1 |