Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
CPE | Name | Operator | Version |
---|---|---|---|
dm_filemanager | eq | 3.9.2 |