SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote malicious users to execute arbitrary SQL commands via the query parameter in the (1) question action, and possibly the (2) sub_par or (3) num_quest actions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
myshell evalsmsi 2.1.03 |