SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM 2.3, 2.2, and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter to index.php/user/setLogin.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simplehrm simplehrm 2.3 |
||
simplehrm simplehrm |