Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo prior to 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter to backend/main.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sefrengo sefrengo |