SQL injection vulnerability in PHPFox prior to 3.6.0 (build6) allows remote malicious users to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpfox phpfox 3.6.0 |