SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo prior to 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jojocms jojo-cms |
||
jojocms jojo-cms 1.2 |
||
jojocms jojo-cms 1.1 |