SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drake team drake cms |
||
drake team drake cms 0.2 |