SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
easyuse mailhunter ultimate |