Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
qsoft k-links |