SQL Injection Vulnerability in iCMS v7.0.7 admincp.app.php Page
iCMS is a free, clean, efficient, and useful PHP content management system. iCMS v7.0.7 suffers from a SQL injection vulnerability in the admincp.app.php page. The vulnerability stems from the orderby parameter being brought into the database for execution without any processing. An attacker can...