Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro allow remote malicious users to execute arbitrary SQL commands via (1) the pgmid parameter in an uploadProducts action to merchants/index.php and possibly (2) the rowid parameter to merchants/temp.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alstrasoft affiliate network pro 8.0 |