Multiple SQL injection vulnerabilities in Betster (aka PHP Betoffice) 1.0.4 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) showprofile.php or (2) categoryedit.php or (3) username parameter in a login to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
betster project betster 1.0.4 |