2 matches found
Sql injection
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731...
CVE-2009-1731
The provided documents contain concrete details for CVE-2009-1731: MLFFAT 2.1 is affected, specifically the panel/index.php component. The vulnerability is an SQL injection caused by processing a base64-encoded supervisor cookie, enabling remote attackers to execute arbitrary SQL commands. Impact...