Multiple SQL injection vulnerabilities in VBZooM 1.11 and previous versions allow remote malicious users to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vbzoom vbzoom |