CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection
CitrusDB 0.3.6 - uploadcc.php Arbitrary Database Injection source: https://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The...