SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php fusion php fusion 6.00.307 |
||
php fusion php fusion 6.00.306 |