Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters to login.php, (3) the filter parameter to widget.dokumenti_lista.php, and (4) the fin_nalog_id parameter to nalozi_naslov.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
infoproject biznis heroj |