9.1 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.8%
SQL injection vulnerability in login.php in CuteFlow 1.5.0 and 2.10.0 allows remote attackers to execute arbitrary SQL commands via the UserId parameter, related to the login form field in index.php.
secunia.com/advisories/29612
securityreason.com/securityalert/3792
www.securityfocus.com/archive/1/490305/100/0/threaded
exchange.xforce.ibmcloud.com/vulnerabilities/41544