Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cmscout cmscout 2.06 |