Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and previous versions, allow remote malicious users to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
papoo papoo 2.1.5 |
||
papoo papoo |
||
papoo papoo 2.1.2 |
||
papoo papoo 2.1.4 |