Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and previous versions allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) where and (3) order parameters to (b) admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moderngigabyte modernbill |