Sql injection
A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms'dbprepend' leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to...